Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

Fragment.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Fragment.exe

  • Size

    3.6MB

  • Sample

    240107-dl6peaeeh4

  • MD5

    96aeac278f4c16b5545d8264b9d9103e

  • SHA1

    6d9e1db1fac6aa99eb2ff60be514f7c045b64d67

  • SHA256

    b11afbe3b821ff6e6b6ea3c74058b7c2b10cbf5dfe1da52befcad7b85c032a15

  • SHA512

    8da68eff7cf8565fb55f95da129bdc0ad3673de3a1707988d702be955279362577092848fa93f90f0b4eb2fba8680f431d6c6f43578163279ffa3d91c6dcaa66

  • SSDEEP

    98304:mJK2vINDgbGwDD0kSWh4KeapPPCufYKA0tC:mJKrVtwca49ySz

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      Fragment.exe

    • Size

      3.6MB

    • MD5

      96aeac278f4c16b5545d8264b9d9103e

    • SHA1

      6d9e1db1fac6aa99eb2ff60be514f7c045b64d67

    • SHA256

      b11afbe3b821ff6e6b6ea3c74058b7c2b10cbf5dfe1da52befcad7b85c032a15

    • SHA512

      8da68eff7cf8565fb55f95da129bdc0ad3673de3a1707988d702be955279362577092848fa93f90f0b4eb2fba8680f431d6c6f43578163279ffa3d91c6dcaa66

    • SSDEEP

      98304:mJK2vINDgbGwDD0kSWh4KeapPPCufYKA0tC:mJKrVtwca49ySz

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks