General

  • Target

    eda4697e1503a46b8f6841b5ece45481a8104ef8a828074d9a3eaef80d043e5a

  • Size

    3.4MB

  • Sample

    230317-twqc6sbb4v

  • MD5

    8265925a6b84148f317ee552ed4c5c15

  • SHA1

    52741f4a85f7f2c0b4f489ca44aa80dca8657447

  • SHA256

    eda4697e1503a46b8f6841b5ece45481a8104ef8a828074d9a3eaef80d043e5a

  • SHA512

    93fc15bd25142a7556717d73e0b0fccde154ead91d3abb7cf60bb847c67522b9d21583b64858ca7175300b9bfd29b5e6a9b7c2736f48d94386178c662a57f649

  • SSDEEP

    98304:SDaD2xzt49ndR/hqOAX7Jhh15VRN6UnNOzFt:ot4rqN19nI

Targets

    • Target

      eda4697e1503a46b8f6841b5ece45481a8104ef8a828074d9a3eaef80d043e5a

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
