General

  • Target

    721839f3b46046e609e0460fc7d66280N.exe

  • Size

    506KB

  • Sample

    240802-h8za3axdne

  • MD5

    721839f3b46046e609e0460fc7d66280

  • SHA1

    be5fd324888881f66a8c22dc91192d2b78f06a16

  • SHA256

    a7ff068df4e5cb90cfef8c4b5f6d512ca021ae9b71b111e701cfef53e953a960

  • SHA512

    5ddf274d2761c7184229a11ffeb4279bef19149a4ae0b9badfd43f87d4947aa730ec83bf72f5feef0e415f28dcac3177a77ec80776c43e3d7e9dfc6785523d9b

  • SSDEEP

    12288:DyQRUAXZNHvLiW4NJz5cY2vklltT1AV0MjoB5W+u:Dy5AXDHvLijd2cllpGV0MC59u

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
