General
- Target: b8e3d7db3efaabe3.mp3
- Size: 997KB
- Sample: 240807-by9kqaxbmk
- MD5: 4d83f388a1d3a0ff2ad5a66903a6b574
- SHA1: 8fa598526e7dd0f09ee8366f1a97ba6ca396fc38
- SHA256: 2ccc312eea80e6b3c6e55a6ffdd27685a993389f1de973b20e2612e01a15432b
- SHA512: 1765ec75f25651be1dbcc3002afb5f2373c5ad219858ff1657c101b590f5f77ea7c45bb2a24130ed5e6ddf9f1b19ea7c6778a16e5d320a1152284cf73128e4c8
- SSDEEP: 24576:pQr4vAZJuKawUEyxGqOYOuHz+sYlqx1XNn3xgqt+qC9:WrCqfUbxbfytQx1XF3NG
Static task: static1
Behavioral task: behavioral1
- Sample: b8e3d7db3efaabe3.mp3
- Resource: win11-20240802-en
Malware Config
Targets
Score: 9/10
Signatures:
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Downloads MZ/PE file
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Blocklisted process makes network request
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15 (technique: number of matching signatures)
Defense Evasion
- Subvert Trust Controls: 1
- SIP and Trust Provider Hijacking: 1
- Virtualization/Sandbox Evasion: 1
Discovery
- Browser Information Discovery: 1
- Network Share Discovery: 1
- Peripheral Device Discovery: 1
- Query Registry: 4
- System Information Discovery: 5
- System Location Discovery: 1
- System Language Discovery: 1
- System Network Configuration Discovery: 1
- Internet Connection Discovery: 1
- Virtualization/Sandbox Evasion: 1