General

  • Target

    2024-06-08_b746149b41efd5d88de45c7ec1cc5ced_mafia

  • Size

    500KB

  • Sample

    240608-z2e3aahb26

  • MD5

    b746149b41efd5d88de45c7ec1cc5ced

  • SHA1

    380d0e37209b83a94ff9e2cf090fbcbdaac3da37

  • SHA256

    db9e37485f6b5aaa52cdd48fba0e0de6fba774f95813d0b2a7ee0312ae828268

  • SHA512

    467b5815fde9941264085af7c7f73980317f725c2660041ba82f545d791dcb4a3dbd5a81b22a89b496020c08cd62ba22d3daea129582d26cc1c9fe76e11fbbf8

  • SSDEEP

    12288:DbEqkIX9IoqwhJmWYUXBDcLP7jGKk1XKdsKFW8:DbRk++whzBIP7jCJ8

Score
9/10

Targets

    • Target

      2024-06-08_b746149b41efd5d88de45c7ec1cc5ced_mafia

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
