General

  • Target

    f8e1b68248848fbbd74402ad9129ffb4.exe

  • Size

    18.5MB

  • Sample

    240714-krmxtatejk

  • MD5

    12d9255227567a75ef9e064e84ef62bd

  • SHA1

    93ff56e0565e69e42f93e85bcc3b844d48156006

  • SHA256

    7d2c6a9bd728bbcc103b49956bf49efc4796acb1cfba6776cbf2e0cc0414c0b1

  • SHA512

    73ff67b61613bd2d0557768266076ab9d2dea9964ee5ff7e32fc46752cc51f54b833a7d9a0d4c5e3cc23f9576d4955d7c3eca5e59b9817578f08f01b0a9ee1c3

  • SSDEEP

    393216:uSLpLFG0zW0zkV8GP870Qj3+thpvLpTWwim72/kpW8wxUm:uSLBz1ABUj3+vpvLpTLim7KiQl

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.