Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    maple (2).zip

  • Size

    49.5MB

  • Sample

    240606-sydaysha29

  • MD5

    5c2c5e4a0e9dacf50393213eed7fc65f

  • SHA1

    acc4cf364389605095c88c489db8370c9e274a43

  • SHA256

    485ddbe13e2b499550e9a904bcdfe5db5b2f5a0bf8b3f7607a2ba13219e607f4

  • SHA512

    4ec4cc13c0d54a41053e12a2ae0034f2e19c4531259e655e62776090ba6f164357c47da30f70467484c63e0c8b43b55de4222321007762695be855b7b3eeb46f

  • SSDEEP

    1572864:POUY4Zr06QNBsV3yIamhHKC7Re5DntXS8LoGqV6oDU:2Upr06GBsV3yq7On9op6+U

Score
9/10

Malware Config

Targets

    • Target

      maple/maple/crack.dll

    • Size

      5.0MB

    • MD5

      b5b1b26e855eda6268b9a2008e0fce86

    • SHA1

      d7925f7de5835e3564b187d8654bb9305ea945fb

    • SHA256

      06dec4f9857f7b9a43157756606546d04a0f34c87681c7db9aab9125a43b33a7

    • SHA512

      14ad2e93ed5876dd246ce6f32674e994b4f35a5acbb1ac46388bebc682a70ce4eca974fda102c273c71dae3c9bc7b69f965fd636cb2d5c579de9cd23e8b35799

    • SSDEEP

      98304:j+YCYfXbb8DckgAEhxWiHF/5DoNZ2qkFVwz7583lfdmjLdGGf:jP8QDDRF/eNsqgiZ

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Target

      maple/maple/loader.exe

    • Size

      5.3MB

    • MD5

      e630d72436e3dc1be7763de7f75b7adf

    • SHA1

      40e07b22ab8b69e6827f90e20aeac35757899a23

    • SHA256

      59818142f41895d3cadf7bee0124b392af3473060f00b9548daa3a224223993e

    • SHA512

      82f0be15e2736447fae7d9a313a8a81a2c6e6ca617539ff8bf3fa0d2fe93d96e68afea6964e96e9dd671ba4090ddbc8a759c9b68f10e24a7fb847fe2c9825a83

    • SSDEEP

      98304:MY5XZjNqBeNp4iSgPKpQ9CKhqkaIWvO9SYCxBKXyaxVdb+tSVGHyYDMMl7qg7:MYpMeNp4irCmWISnTz2VtIVDMg7n7

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Target

      maple/maple/maple.exe

    • Size

      40.8MB

    • MD5

      db7b4b030f0a44a2f51c957d949f8e1e

    • SHA1

      7814eaffb9c68fb78f3f69380439aaf94d556828

    • SHA256

      8f5f582788ce95ba51ca37dac8e45fff1674e0d36e4129731edded7e71a94c30

    • SHA512

      be6f371423a0bee1b3d3f61640e1b6ca64290a4a864d4a1b3ad8ca6250650ca01d42b635f650138733b3817c491f64a8bc82622e7f1b565dc4cc8da37e43a63c

    • SSDEEP

      786432:GmtGTz74LgKKoB7fgM3QZ2ciA4DS+mC8yZ9BSmPpnbP3EwlIFFnHpu1Ckf9+uKcY:GmKoLW233u2cipDM+Z9LFPI/nkUg9M6S

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks