Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
VirtualBox-7.1.0-164728-Win.exe
-
Size
105.5MB
-
Sample
240913-smfa6svhmf
-
MD5
1bd268b5bc2c521a62dd1e6e97108196
-
SHA1
158084c6b898d70accb0d333039fcc924df858da
-
SHA256
bc22f01478b51d4852d6a83318ed682cee4d89fc9d8eb51b41988a67b04e7de1
-
SHA512
a5b33a159614a40cc99d30fc0bd4b568813fee1de026ccdd49f59db5e9d9763b2152f328440d18bc1944ee602d2fc48092be32c7c2b9b4c29bbdd908f0523117
-
SSDEEP
1572864:Ftt6Ex4eQ5o2cl/JzG3YeHDg+QF3Uh9ZbS7Po+QuWjxst2aiW1wj:F7kB5Xcl1WBD1S3AnSbATt01C
Malware Config
Targets
-
-
Target
VirtualBox-7.1.0-164728-Win.exe
-
Size
105.5MB
-
MD5
1bd268b5bc2c521a62dd1e6e97108196
-
SHA1
158084c6b898d70accb0d333039fcc924df858da
-
SHA256
bc22f01478b51d4852d6a83318ed682cee4d89fc9d8eb51b41988a67b04e7de1
-
SHA512
a5b33a159614a40cc99d30fc0bd4b568813fee1de026ccdd49f59db5e9d9763b2152f328440d18bc1944ee602d2fc48092be32c7c2b9b4c29bbdd908f0523117
-
SSDEEP
1572864:Ftt6Ex4eQ5o2cl/JzG3YeHDg+QF3Uh9ZbS7Po+QuWjxst2aiW1wj:F7kB5Xcl1WBD1S3AnSbATt01C
Score8/10-
Drops file in Drivers directory
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Mark of the Web detected: This indicates that the page was originally saved or cloned.
-
Drops file in System32 directory
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-