General

  • Target

    PrecisionBuildOne.exe

  • Size

    47KB

  • Sample

    240219-3nzrbagb25

  • MD5

    cc0b62622f1d417079f1eee9916a9ecc

  • SHA1

    a756c90e180a7a03558b6736689bb6db18307903

  • SHA256

    c328af6a43591f7e71d54686b75e87babd185499282c748a6766e5cfc721e305

  • SHA512

    204c65be35aaa4700a622290873f80195bf2a798e2fd52e5f3be6105feb1487a3af4a656d6ea3d76afa6e65378e1139964ead7bc8a2e2ce69e7eab86b1be1559

  • SSDEEP

    768:wNSkwV6Ja7I09g+Q82jgfAUbZ6EdIfc9eDWlhzLJTtYcFwVc6K:wNSkW6aibjgflbgEdI5DAzLJDwVcl

Score
9/10

Targets

    • Target

      PrecisionBuildOne.exe

    • Looks for VirtualBox Guest Additions in registry

    • Looks for VMWare Tools registry key

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
