General

  • Target

    801f182db0b7a7a1ead3aa12d021dea6fa12368d127d991a60a8417e8e486360

  • Size

    4.2MB

  • Sample

    241003-yx6h1axgmf

  • MD5

    5dd1dabddf021366613b739adafd18b9

  • SHA1

    54a60dd66991751b94fa75fbb76d28a0adc41b61

  • SHA256

    801f182db0b7a7a1ead3aa12d021dea6fa12368d127d991a60a8417e8e486360

  • SHA512

    2037030582fbbe47ca2586f209675bd3add0e6ad0ad24b586dd06267f1feed402456d33048c1749536581e44a35de53eb99f979530f2a452d9201f86e0ce62ba

  • SSDEEP

    98304:kP6EH4cchq3mjYNRsxEGI50jkWoNYBjkSN/uDmer5CAgKqCuTcD7bX//Y:23chljYNuxo0sSN/uKk5CfKqC627D/Y

Score
8/10

Targets

    • Target

      1003gdDR3/EAC.exe

    • Size

      2.0MB

    • MD5

      061cf6d3ba28811f5cb8b7968fae93a2

    • SHA1

      703cd7ca7c7794383fe30ade8b36baa6d2461eda

    • SHA256

      0cce32d1d306cd320f74931b6a17c670125726d9e360c2f50ab1e3c3dcbd249e

    • SHA512

      e6e02a7589cbddea84a6d10374eb88cc4fd7f8d4275eed1f1cc0f49533b8c505fffe0e61167dd46cd9b49872f6911fc4754649427b118628f0f6e8fdc9fa940a

    • SSDEEP

      49152:kaHZvVH7Bm7apRfcFtKS7WFJkKExXVgc:kEBo76Rf4tKSCFJLEr

    Score
    7/10
    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      1003gdDR3/EBC.sys

    • Size

      25KB

    • MD5

      9ab9f3b75a2eb87fafb1b7361be9dfb3

    • SHA1

      fe10018af723986db50701c8532df5ed98b17c39

    • SHA256

      31f4cfb4c71da44120752721103a16512444c13c2ac2d857a7e6f13cb679b427

    • SHA512

      5b37fb591670329a6b030bd9d2cbee48e9d56c7c7d2752e6049f551d869298d1ec6cea6c83e0301699e0873d1fdf0c49b4a4092c6aca750dc23b1ab95dbd1ae8

    • SSDEEP

      384:y+1TM02RprUzhy3aW0mJD/Mjch8JCPipnYPLK1M6j79SbC0N:91TMbYI3aW31MjHCPip1MmMbC0N

    Score
    1/10

    • Target

      1003gdDR3/InstallEAC.bat

    • Size

      45B

    • MD5

      ce9916d017893396784bb6ee764bebfd

    • SHA1

      c1ef398be0ec53c75a00f7e219260ecd09689a89

    • SHA256

      e0064248a7f07943ecc84e4603259a708d7cf5d5a216acc332867a330a68b6e2

    • SHA512

      fb197bd75e6798c61c08e11cc518485a908cd401e8531d90deadf4cd6d586def14ac213cea977ae034a15cb2d0201cfdca2217af7b922b5d4e464de536793ee7

    Score
    8/10
    • Sets service image path in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      1003gdDR3/InstallEAC_Admin.bat

    • Size

      1KB

    • MD5

      4201e0fffc468e12b613c17e36daed90

    • SHA1

      a40edc8576987c26027fd2e3d5f0d5e873f2f0db

    • SHA256

      4dad1df7f54f5b75bd4bf4ecec1cd8520a028c7b2e5254041cd487f3e7f1d164

    • SHA512

      3733bcc1ebcd3feec3466485ed6cd2df376d3a8b9b4bbbd6c73209c8a901353c3153966bdfd2f71c36edef28842229154ce44d3fe060683aa076230bb9f1ce20

    Score
    8/10
    • Sets service image path in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      1003gdDR3/execute.sys

    • Size

      48KB

    • MD5

      3d9813b02f3ca683741c002307f46bd9

    • SHA1

      4b8ddeacd5f10bdcb0e01d045e9589f55b6b4ef8

    • SHA256

      95ae5c2cab7a736b93784f18b4d91aa2501040470f42f29e5ddf524feddb5054

    • SHA512

      adba73cb936b922a0a1534801e77be505279f172dbbef7bf1c120987390112b8ebeb7b85a86e976c7c660aae7bf3b8d912f9b4a4f1b457d72e90bb65d2e9230d

    • SSDEEP

      768:xS6f2rotdfvPa8eej45eDuO9zS5Yit20ftAMxkEe3:E6ioXTea4SzQ7Fx8

    Score
    1/10

    • Target

      1003imxyviMapper/EAC.exe

    • Size

      2.2MB

    • MD5

      25491f3d70ca72ffa075d8a7849154e8

    • SHA1

      eb8bd7313e5871b44e1dcf4fcd669334fcd5d951

    • SHA256

      c1990a60749cd487f5f59cf432fe4019664a61b2972bb8f10ef2aa2b60f8232f

    • SHA512

      16533d7320e53149988338bcfa9f19e2be62ecf244326956ee0f5d4384e7efd3d5531640ac7f5533fb168c862637357c8a0cee0f3883ec93ac5538a8bb6417a1

    • SSDEEP

      49152:HFe6TW8fdKy6Rnyvx2Fl480ZagBKry62zImRMr4vltKqhP:le6Uy6Rnyk7pgBSy62MnrqtL

    Score
    7/10
    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      1003imxyviMapper/InstallEAC.bat

    • Size

      43B

    • MD5

      35ddf9efd9112d982292c7d622f60c68

    • SHA1

      c6c7a96f136894131c9c6a3190eb835faf55418e

    • SHA256

      42a0560ea661a122ec99eb7ec201f9f47e679c24b1afa54a7dac4b0be95105ff

    • SHA512

      cae665bfd3bd698d03f32d24e8a44c49292ef3dc92c00dd6f4a30d47f63521675b68c96facab797c890246388987dd66ae52c0d394458bb89c41990d7c0e240d

    Score
    8/10
    • Sets service image path in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      1003imxyviMapper/InstallEAC_Admin.bat

    • Size

      1KB

    • MD5

      3402a6b0869b882edca22f6b9a84fbce

    • SHA1

      55b7cf1b978ca46f4c72771bd3dcbf01726b5097

    • SHA256

      63373f2382be919df008344c5666602feb3d08aad0fdb7e35427abf797909737

    • SHA512

      78553aee42d8c3da70f2cd19c1c4ef1972c71b6b6c6e9a0fa86100a9e4b4967c309d4da181e7cbbab451c072c4ba0dabaffef8078cc6ff388c51ede37531a898

    Score
    8/10
    • Sets service image path in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      1003imxyviMapper/drvrecode_eac.sys

    • Size

      48KB

    • MD5

      3d9813b02f3ca683741c002307f46bd9

    • SHA1

      4b8ddeacd5f10bdcb0e01d045e9589f55b6b4ef8

    • SHA256

      95ae5c2cab7a736b93784f18b4d91aa2501040470f42f29e5ddf524feddb5054

    • SHA512

      adba73cb936b922a0a1534801e77be505279f172dbbef7bf1c120987390112b8ebeb7b85a86e976c7c660aae7bf3b8d912f9b4a4f1b457d72e90bb65d2e9230d

    • SSDEEP

      768:xS6f2rotdfvPa8eej45eDuO9zS5Yit20ftAMxkEe3:E6ioXTea4SzQ7Fx8

    Score
    1/10