Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    cfa6db5df045db2a07a95157f163e920d408a3103612dc3d29feb27ab2021a45

  • Size

    1.8MB

  • Sample

    220922-n6xx4sbdh6

  • MD5

    13a86925540d6af28646e1080ce6185f

  • SHA1

    8a683708a06390e00d6574ac918e1f32da80c426

  • SHA256

    cfa6db5df045db2a07a95157f163e920d408a3103612dc3d29feb27ab2021a45

  • SHA512

    f62071d77f1c20ab86f67b09cfea8da32fd63c1c9f0f04fb21b155112bc8dfc906f34ed1a2644e5b37a8cffbef92375a8e925ac194c2321d09f839f726dfd539

  • SSDEEP

    49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

Score
9/10

Malware Config

Targets

    • Target

      cfa6db5df045db2a07a95157f163e920d408a3103612dc3d29feb27ab2021a45

    • Size

      1.8MB

    • MD5

      13a86925540d6af28646e1080ce6185f

    • SHA1

      8a683708a06390e00d6574ac918e1f32da80c426

    • SHA256

      cfa6db5df045db2a07a95157f163e920d408a3103612dc3d29feb27ab2021a45

    • SHA512

      f62071d77f1c20ab86f67b09cfea8da32fd63c1c9f0f04fb21b155112bc8dfc906f34ed1a2644e5b37a8cffbef92375a8e925ac194c2321d09f839f726dfd539

    • SSDEEP

      49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks