General

  • Target

    Plasmafree.exe

  • Size

    178KB

  • Sample

    240515-2ze1lsge6s

  • MD5

    0d1368d0484c1573ec6857030574d70f

  • SHA1

    fd7014f7a6d73ceba42ef00ab24688f8a5a6a926

  • SHA256

    92ec2793e76d7834e682a9bcc75a82642276105c1e40ca94367f89d712c1168e

  • SHA512

    21a6fb81a4987b5e53f2d1482a9421c08e8622814cbb0ca591136673f22d3deec8b066332828533092f9f0903197ff0fb35a642d2ded1495be7455fad473d5eb

  • SSDEEP

    3072:XepGBwJFv7mTWtLlitV8zD7/+JOS9kfUYan7Rb4zFdsMONp6gKPqY:WYEDm8liT8f7/SOSS+b44NMg8q

Score
9/10

Targets

    • Target

      Plasmafree.exe

    • Looks for VirtualBox Guest Additions in registry

    • Looks for VMWare Tools registry key

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
