General
-
Target
VC_Redist.86x.exe
-
Size
76.4MB
-
Sample
240417-rsjp4sdd4w
-
MD5
7a5033c55b79ff312e386b82b595b79a
-
SHA1
fca8752eb08f13e81d6c36a2e02c3e44413c7381
-
SHA256
f6c65ad0928c2855ca9eceb44957e3fb6a634d0c2ff4b4d595491dd52ddb1b65
-
SHA512
0c8b2360d72dd1e8a69ec2f8100762ce18b9826d891e8eb6bf8d0eb5819c713fe8a07fae01f074c103afb33c6389b16f9d3f16e3dcad7edd6f204ee3180d9c4e
-
SSDEEP
1572864:NviEZjFAWSk8IpG7V+VPhqYdfME7mjx6iYweyJulZUdgu0WV6jYm11qZ9U3:NvZZmWSkB05awcfQtnpuK0cmc9U
Behavioral task
behavioral1
Sample
VC_Redist.86x.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
VC_Redist.86x.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
VC_Redist.86x.exe
Score
9/10
-
Enumerates VirtualBox DLL files
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (2)
Hidden Files and Directories (2)
Modify Registry (1)
Virtualization/Sandbox Evasion (1)