General
Target: nitro gen 100% working.exe
Size: 35.0MB
Sample: 240714-w9p1nsvepe
MD5: 051b57fdf24082f124d586141f4ccbdf
SHA1: 1c723d3ce7150c031fa88ce6afebe1be20f37f04
SHA256: 1081712a1bbf3cd062ff5fda52d5160dce69c707018f698a3bd0dce82be8b5d1
SHA512: d2edc1e2829d37d8275f22a542da1f6358744e17514a0f5f3e212243009b2ac7f2e7c618123364a013fddc8feaf6065a7f788d986e3cba2e2285809dc7c346c8
SSDEEP: 786432:G9C9RbdQA98U+9qJKfzcY87PCirgItW8sl9voxglQL6D:oURZQA9v+3E7IItWfl9KgI6
Behavioral task: behavioral1
Sample: nitro gen 100% working.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: nitro gen 100% working.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: nitro gen 100% working.exe
Score: 9/10
Enumerates VirtualBox DLL files
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (2)
    Hidden Files and Directories (2)
  Modify Registry (1)
  Virtualization/Sandbox Evasion (1)