Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    3e8c5179ca686222a014f4d1f8803fc986292db01e83f9aae1a05d0c233e42c0

  • Size

    3.4MB

  • Sample

    230320-vve2gsgf6w

  • MD5

    0fdd88a8bdbce3e666baa64eb8d3f93f

  • SHA1

    1de9d8b10439a81f779c8dd0a99827253d1e6881

  • SHA256

    3e8c5179ca686222a014f4d1f8803fc986292db01e83f9aae1a05d0c233e42c0

  • SHA512

    5132a38bb097bc9ba01b59ffd06544ef11f1c0dcc75d94d62deac9c1f1cc4c03a2c5485006a11e9021b10ff9269e5490c80bcf3b1663093c1537b9bb2baa75cb

  • SSDEEP

    98304:HB/hPovhl+YHt0DJSZtAzc/K9gMus7RfRwUIq8DuznQ6:HzQm6EJzxl7RJwk8DuznQ6

Malware Config

Targets

    • Target

      3e8c5179ca686222a014f4d1f8803fc986292db01e83f9aae1a05d0c233e42c0

    • Size

      3.4MB

    • MD5

      0fdd88a8bdbce3e666baa64eb8d3f93f

    • SHA1

      1de9d8b10439a81f779c8dd0a99827253d1e6881

    • SHA256

      3e8c5179ca686222a014f4d1f8803fc986292db01e83f9aae1a05d0c233e42c0

    • SHA512

      5132a38bb097bc9ba01b59ffd06544ef11f1c0dcc75d94d62deac9c1f1cc4c03a2c5485006a11e9021b10ff9269e5490c80bcf3b1663093c1537b9bb2baa75cb

    • SSDEEP

      98304:HB/hPovhl+YHt0DJSZtAzc/K9gMus7RfRwUIq8DuznQ6:HzQm6EJzxl7RJwk8DuznQ6

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks