General

  • Target: 849fc0c4496ba40a1c8662f54fc7f459cd6077f934e29077348b1c77fda09a4d
  • Size: 3.4MB
  • Sample: 230316-n1448saf76
  • MD5: ff7c5f7d6900ad65f8870feb07b133d0
  • SHA1: ec27c8d7ae9f3963d2d42e80c060308aad887053
  • SHA256: 849fc0c4496ba40a1c8662f54fc7f459cd6077f934e29077348b1c77fda09a4d
  • SHA512: ddfa352cd739f8f07cb657c5116a2664e6e54c363a3f7dba9e42a61c6207177f7f262d7a8fb3ad393f135bfdd3b892d39d3507ed0b9d64b62f482076245736f7
  • SSDEEP: 98304:Zna5Gkonx+t5bHJmSwD2jCgQIr/84IVuTPY5:Za5InxsjmTK+gQIjCwg

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext