General

  • Target

    80b38385db72a1c70c0fce431dba1dd6d3a1e804c885ae469791278082a18278

  • Size

    2.8MB

  • Sample

    221206-qzlbvaff6y

  • MD5

    a8702c9c645f836412347dcfc7e19e78

  • SHA1

    53eb6550644cd673d37bc09f916e4d0077876a55

  • SHA256

    80b38385db72a1c70c0fce431dba1dd6d3a1e804c885ae469791278082a18278

  • SHA512

    cd64cd48c4d2c4051263c12ff9143b22a1a7042f17f71de2edfd7c18ce9f4ce585760af8f29393618594745733bbed7c7de844faf5156c8ba48afa2a47fe2832

  • SSDEEP

    49152:3/MUg1hquhjmMlEdOcxYdn6b27zvXvs09PTXLuy:dKhJmMqdOcxYl77/s09bXq

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
