General

  • Target

    fc79578491fc873a67d446cc6f7cc4df92c589516e2c7bc7b2d418823838d97c

  • Size

    3.4MB

  • Sample

    230315-f2j7fsbf97

  • MD5

    c15dcae56336f681ea1dd5aad33bb62b

  • SHA1

    dec7bdfc4c06c2f1475e9159916da6fd05c7fc36

  • SHA256

    fc79578491fc873a67d446cc6f7cc4df92c589516e2c7bc7b2d418823838d97c

  • SHA512

    4e799450778e10b009e9e81771537b24d05a52cc6799ec869e46327f07b0d68acd478156c4370947aac11e55f69483f422c3f5a00baa878588001fe10c8e2e7b

  • SSDEEP

    49152:onrbOKMFrJmsf6/HAv4fVCnoYcNmCCyQaxfrLkWUhsZz2RNRenjqc4i3PHkVgXIf:YaEU6/HWQ4noYOCtapQX9ejqcT3/SgYf

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
