General

  • Target

    66d06eb8a554b52d86a1f7e4a8691eab887b5b79c453d0a3f4567d42fbe69dba

  • Size

    3.4MB

  • Sample

    230316-shhwhadf9z

  • MD5

    dbe5c12af8bd0f5b05120c5ec929d004

  • SHA1

    d5fff42b4c76f524d33a13be9d0927ecefb5aea3

  • SHA256

    66d06eb8a554b52d86a1f7e4a8691eab887b5b79c453d0a3f4567d42fbe69dba

  • SHA512

    437bfa444338a118457caecce2982e3855310ae04d02913405cc9a0a9f5ce8f2d02c815714946102f0aec2d1e85d84be68b59ccc8feb4422ff8f59b8bec96460

  • SSDEEP

    98304:Dna5Gkonx+t5bHJmSwD2jCgQIr/84IVuTPYU:ja5InxsjmTK+gQIjCwR

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
