General

  • Target

    2024-05-06_51d78fb21ddaecc6bce17d9e977a3fcc_gazer_mafia

  • Size

    4.1MB

  • Sample

    240506-g73rescb7t

  • MD5

    51d78fb21ddaecc6bce17d9e977a3fcc

  • SHA1

    b320faf75aedca3a2135570377a68946147ac95d

  • SHA256

    86d6bbc9a8b13b6dde27a67fdd0f42858a2138e4e796a5e7cb4f67a490e4e6b9

  • SHA512

    9364f9eae67898190fc9af40ae05cc5d2de16c1c0319a4d660d4826a2e687f69a0103c18a8ea92aaa66003d098cb2721174ebb7e80fe0bfbb04bad8db2e8a45c

  • SSDEEP

    98304:uVCRb8icj3z4tZOvPtQA7ghCT/vsGuBXKr:8CRZcj3zXr8dC

Targets

  • Banload

    Banload variants download malicious files, then install and execute them.

  • Identifies VirtualBox via ACPI registry values (likely anti-VM)

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.
