Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324

  • Size

    3.4MB

  • Sample

    230317-q44zraae3w

  • MD5

    428320d3254f102e13b6873c5e31caed

  • SHA1

    04e28ccb707fab9c1728fa03b58772b522965813

  • SHA256

    743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324

  • SHA512

    bbec5f2d63f2a809fe325203623a3b11d3ea672cf9edd80770c5e141427f43cbf5a341dc74347c1be9ff0d1cea0bef88ae80779cde82e549ccf08ce3018575a4

  • SSDEEP

    98304:BfaD2xzt49ndR/hqOAX7Jhh15VRN6UnNOzFc:9t4rqN19n9

Malware Config

Targets

    • Target

      743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324

    • Size

      3.4MB

    • MD5

      428320d3254f102e13b6873c5e31caed

    • SHA1

      04e28ccb707fab9c1728fa03b58772b522965813

    • SHA256

      743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324

    • SHA512

      bbec5f2d63f2a809fe325203623a3b11d3ea672cf9edd80770c5e141427f43cbf5a341dc74347c1be9ff0d1cea0bef88ae80779cde82e549ccf08ce3018575a4

    • SSDEEP

      98304:BfaD2xzt49ndR/hqOAX7Jhh15VRN6UnNOzFc:9t4rqN19n9

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks