General

  • Target

    dc3d8f3fb3a8f4367fab01aca21559419c49d3dc63dffa1478371774c0e84c91

  • Size

    3.4MB

  • Sample

    230313-22j3caee5s

  • MD5

    02c91ef4e73e1abe54e91c4d1612ff0b

  • SHA1

    2e120d9061953b7cf802a75602e55f3ba52f9f37

  • SHA256

    dc3d8f3fb3a8f4367fab01aca21559419c49d3dc63dffa1478371774c0e84c91

  • SHA512

    29e9433d953ad4dc4ea2c77704553125cc24d66102bf5421fdc20bb52326046b047c3ed8bf5fa00333b257cc2ee8de455e74283f0fb1c33b508859ae5b4b0f22

  • SSDEEP

    98304:xB32mwMi6hqm+mXHkTiGDsAsQJEwky5CXjcM0Jhv8jYhz:WmRhfv3DG4+vsXjcM0zv8jS

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
