General

  • Target

    54df29f1f4f7f20c2b963b58b4ea25928123b8f68ab040fdbf8d4852535ee024

  • Size

    836KB

  • Sample

    221203-w3hm1sea25

  • MD5

    83ecba294e7e30467f9aae0397175b81

  • SHA1

    441a86c928101e3441ab2ae8e8e62e173b0b3d00

  • SHA256

    54df29f1f4f7f20c2b963b58b4ea25928123b8f68ab040fdbf8d4852535ee024

  • SHA512

    d2ca39863a65a4e3eff42c660285337b0ae32543ef3c863226f1d1b5212ced2ea51ca40261c0174edd13e8922ef8bb8c6fc9cd2911230dac2bd2bdc48d5864e3

  • SSDEEP

    24576:qKVsmm/LW+VAtm5no1KRGmsVRM2wpnd8gQj:DY/LnA62KRG7VRT0dEj

Targets

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
