General

  • Target

    53dcd0cf7477087f4e823682957b82122db51cfce93f8b2f5d7fda6338283206

  • Size

    11.7MB

  • Sample

    231007-lhfb2scg37

  • MD5

    a9a79898b6adeffd346ec7ccbc49fa85

  • SHA1

    8c55cb89cc7996d46e06c6261d27ed7a82507085

  • SHA256

    53dcd0cf7477087f4e823682957b82122db51cfce93f8b2f5d7fda6338283206

  • SHA512

    6e1d9349e3f85f064255b1dddd65adfe7f108dd527d3e93230c498d510ce30a15cf73565da32d8a44d48f24d939f0ed1b32f408f13b9e188a1bdc21e75cd7366

  • SSDEEP

    196608:DO1aT9/ah5LInZHOYNUqA0g6X28dNgovTQ0J7AdCIetOl27NEMSisx:q1Oagxg63dCqNT50o+fisx

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL
