General

  • Target

    Client.exe

  • Size

    155KB

  • Sample

    231117-chrweadc99

  • MD5

    f0f9059b432a34b30443060f061c0045

  • SHA1

    729e35fcdd4e591631340b0a71a06516b9c106a6

  • SHA256

    9ab2087e5aa3c59077d603470cd2eab19ec3e34320333707c244808bd54acaae

  • SHA512

    694d1e338c66956d031bfd35392a9bc3546d86e7c5fc956a6a0b16f3260e43d644b0f04994a35d707ef7bb11523d7cdf786f9c86de9a78a1bb9c8e36a673e161

  • SSDEEP

    3072:7Brq0Wi3FSJ3JA48E3qY7AfS/P/pXDPXtrcyWe7oFUG6EeRWb13+f:7B20WIFw5A48oPRDKyW2oFeEe4b

Score
9/10

Targets

    • Target

      Client.exe

    • Looks for VirtualBox Guest Additions in registry

    • Looks for VMWare Tools registry key

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
