General

  • Target

    2024-08-26_dcc68b6c2cec13406c1cdd0e5f8cd9e3_mafia

  • Size

    6.6MB

  • Sample

    240826-kla13awgkq

  • MD5

    dcc68b6c2cec13406c1cdd0e5f8cd9e3

  • SHA1

    d41072cbfd3cb1ba48d67ff238368729d5ba6ca1

  • SHA256

    e88822a680d16042ddf11c0eba10a07038a05ee0735fe4e9a3b0f22694e46b96

  • SHA512

    b41d1cbae5cab11c6557efd88d4e83848f5b2d0c862480b21740594d8124014c571a624fa3b4ce172fe5973270cee1b89f04a71df091549c1fb65587ef18af20

  • SSDEEP

    196608:na0vvN3x9OLIiOK8A+zZdCj85rbz0lHU3zOtlo:VN3+LY2inz0MzOro

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL
