General

  • Target

    8b8df6391b5a71ed0217ffc5367f0dec

  • Size

    518KB

  • Sample

    240203-gh8alschen

  • MD5

    8b8df6391b5a71ed0217ffc5367f0dec

  • SHA1

    842c948438c132ae162024198fd6e616c170c259

  • SHA256

    16c51826c4a6070da0f0a6762723d82bdc66e2453d591c2cdb0ae59e1cd23213

  • SHA512

    75124d436c96ee6b2be1889d46e7da7b4aad771608bc5b0260f8727af6665d7525561a3ff1298427c6bf2fcfc576ada53b732d4a33274322b815f5adb90d94ce

  • SSDEEP

    12288:dYvksw0qRRIKmn4YCs7LvMXtto1fJda+9EiBZSi:dYvksmRQt7UtuJLH9EiBZSi

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
