General

  • Target

    e33fbfc8e36f58d4b31f2fb0fc334f0ee3b6fd05a6149a1d3e3f3a279e9ec867N

  • Size

    4.8MB

  • Sample

    241004-yerl5aseml

  • MD5

    c095f20c5a6e3bd7b15d554576ffaf10

  • SHA1

    d8f5f5760f55fa10e02604bf41b50b1d77f48755

  • SHA256

    e33fbfc8e36f58d4b31f2fb0fc334f0ee3b6fd05a6149a1d3e3f3a279e9ec867

  • SHA512

    c6387dab7de2fc95a9da0f9b19282aadf49e69430a447df611b7a4a458d3ccd7a0769ea73d8949c41b1c736de1d2f4fff2131bfd0561aa9cf57b9b0d021e5ebd

  • SSDEEP

    98304:TZ7KG1v6e/LHYFR3ZueuJObD3ErwmzDFULPMlbVmr5k3XfDSlNjBI/yYniA2LgIq:TsG1vL/LH83ZueuMDE8m3yPs6OHulNNE

Score
7/10

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
