General

  • Target

    4964fbd0316122cd1ad6d2d60ae9c9e0N.exe

  • Size

    500KB

  • Sample

    240819-mgsresscjl

  • MD5

    4964fbd0316122cd1ad6d2d60ae9c9e0

  • SHA1

    10e7d488ddef3b80bb9c30c769862e8671199d22

  • SHA256

    7985ab3d836824881ff27765286ae0e6b050cd175c500776fd9cac280b92918d

  • SHA512

    e75007b40af655f08339c493919ef64374d95cb963966bf27d852a568200b862de32a06290ff3b5477f852eba98b96e5a14426496de366c34cf346cd8e9e775b

  • SSDEEP

    12288:CcuA7U+EljXJBh+tli2vklUHM13sfoBjW44:CcuA7U+85BCl/cSHMlsujR4

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
