General
-
Target
source_prepared.exe
-
Size
88.7MB
-
Sample
250319-vbld6ayyb1
-
MD5
0d0ff2f9a6d62d97d099052be2f9f009
-
SHA1
7065d67c1c65049fe5bb736e61ed66d00bc7279e
-
SHA256
ee12abab06c2bd2c24c4b5d33c3d034301aa2e4ad72cac04b5f9d0e38b81c7b9
-
SHA512
559be72dffa913efbb93ba2d9c5127ab420287df134ef61172c0d6dfb74e053a9d5c7aad84b9e834d253d59562439886045abc61128377d65aaac298b4fc78d8
-
SSDEEP
1572864:TtIupudNK/lXAbWNPgOkiqOv8im2A3+TbE7GliXiYgj+h58sMw5IcPzIcJFJZ:KYoWRogYOknOv8i36+TNwp5FBP9J
Behavioral task
behavioral1
Sample
source_prepared.exe
Resource
win7-20250207-en
Behavioral task
behavioral2
Sample
source_prepared.exe
Resource
win10v2004-20250314-en
Malware Config
Targets
-
-
Target
source_prepared.exe
Score 9/10
-
Enumerates VirtualBox DLL files
-
Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-