General

  • Target

    VC_Redist.86x.exe

  • Size

    76.4MB

  • Sample

    240417-rsjp4sdd4w

  • MD5

    7a5033c55b79ff312e386b82b595b79a

  • SHA1

    fca8752eb08f13e81d6c36a2e02c3e44413c7381

  • SHA256

    f6c65ad0928c2855ca9eceb44957e3fb6a634d0c2ff4b4d595491dd52ddb1b65

  • SHA512

    0c8b2360d72dd1e8a69ec2f8100762ce18b9826d891e8eb6bf8d0eb5819c713fe8a07fae01f074c103afb33c6389b16f9d3f16e3dcad7edd6f204ee3180d9c4e

  • SSDEEP

    1572864:NviEZjFAWSk8IpG7V+VPhqYdfME7mjx6iYweyJulZUdgu0WV6jYm11qZ9U3:NvZZmWSkB05awcfQtnpuK0cmc9U

Targets

    • Target

      VC_Redist.86x.exe

    • Enumerates VirtualBox DLL files

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory