General

  • Target

    6b89b9e3a00f0cbd377f93f1413d8beb2bab54785f40a65e68e638095f4f272e

  • Size

    512KB

  • Sample

    221128-jmfr9sfg68

  • MD5

    5d4713eb003ce7368464900d2e37a0b2

  • SHA1

    806b4dfa512c3a81b4f0fc19dfcd52c7fb767b96

  • SHA256

    6b89b9e3a00f0cbd377f93f1413d8beb2bab54785f40a65e68e638095f4f272e

  • SHA512

    b017fcabdc7c381477d234671062953e125daa84af88d926618ee3fb1658ef2c68f3e0bd5c52a497f04d6228c41bfbbaf25e7e90adecdcefa7fbcfac43daf1a0

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4U:0+h9OY70z+warul3E4U

Score
9/10

Targets

    • Target

      6b89b9e3a00f0cbd377f93f1413d8beb2bab54785f40a65e68e638095f4f272e

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
