Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Infinity+Installer.exe

  • Size

    31.3MB

  • Sample

    240726-e4qlkszclb

  • MD5

    da3cb7c46d95a87bd4e1af02b414662c

  • SHA1

    56d893ff658365f2973bec9f46b4dfd8598fbcce

  • SHA256

    e08629b64da23af97bbbbbbb3c8ff11c2f0572898e993224ec33ccb3680fe39f

  • SHA512

    313ea2d6fc296cab5757b42581e6d5ec532572a46611fc290581bebec822d420e430249a76ab625fcccc6822071332f057907b23d410d136b79de7aebe97cfa5

  • SSDEEP

    786432:mb9Z9Hcv/B7vDzdbWzcY8764SeoK8vCW8zVXIijPtImZ16cEE5IyLII:mBvHcv/B7v3dKE7xZjdW4Nj6uZoH

Malware Config

Targets

    • Target

      Infinity+Installer.exe

    • Size

      31.3MB

    • MD5

      da3cb7c46d95a87bd4e1af02b414662c

    • SHA1

      56d893ff658365f2973bec9f46b4dfd8598fbcce

    • SHA256

      e08629b64da23af97bbbbbbb3c8ff11c2f0572898e993224ec33ccb3680fe39f

    • SHA512

      313ea2d6fc296cab5757b42581e6d5ec532572a46611fc290581bebec822d420e430249a76ab625fcccc6822071332f057907b23d410d136b79de7aebe97cfa5

    • SSDEEP

      786432:mb9Z9Hcv/B7vDzdbWzcY8764SeoK8vCW8zVXIijPtImZ16cEE5IyLII:mBvHcv/B7v3dKE7xZjdW4Nj6uZoH

    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks