Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

0522546519...08.exe

windows7-x64

8

0522546519...08.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0522546519d4ec1efe7f947c291287db5219027476500c11a59984377c853308

  • Size

    140KB

  • Sample

    221201-g3pn1afd2w

  • MD5

    438320792e6dc8bccb6beeba01f4dd82

  • SHA1

    40373fc465ef56c422c7a6745a9030150202e619

  • SHA256

    0522546519d4ec1efe7f947c291287db5219027476500c11a59984377c853308

  • SHA512

    6a13589c647ca9b000ebf55856c42a8581fca0ba65dc0f87d4ef150724749be8232d78607fba345d6d514a8135bcd47052605ada6c563504b1e02973e71b1caa

  • SSDEEP

    3072:lb4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fXv:lB/l0Xi3uyJ7Mhy9dx3s3ff

Score
8/10
persistencevmprotect

Malware Config

Targets

    • Target

      0522546519d4ec1efe7f947c291287db5219027476500c11a59984377c853308

    • Size

      140KB

    • MD5

      438320792e6dc8bccb6beeba01f4dd82

    • SHA1

      40373fc465ef56c422c7a6745a9030150202e619

    • SHA256

      0522546519d4ec1efe7f947c291287db5219027476500c11a59984377c853308

    • SHA512

      6a13589c647ca9b000ebf55856c42a8581fca0ba65dc0f87d4ef150724749be8232d78607fba345d6d514a8135bcd47052605ada6c563504b1e02973e71b1caa

    • SSDEEP

      3072:lb4s/l8iiDXiYukRy9Vd746gh4Z91gCBzTz4y3/UHj7Nzspl+fXv:lB/l0Xi3uyJ7Mhy9dx3s3ff

    Score
    8/10
    persistencevmprotect

    • Sets DLL path for service in the registry

      persistence

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks