General
-
Target
2.exe
-
Size
1.3MB
-
Sample
220925-n19dyseeg9
-
MD5
5110f6802a9e7f1eaba4dd916f80b2a0
-
SHA1
4c3b319e1f68cbde0991d352a9156b1932264573
-
SHA256
50b2b6803b44585b6b2b504af9b0102788c7195c97fc61ff3c1a14747de41113
-
SHA512
ab25bb827c7299e4823595a1b6e7d3a2a2ade89a4485549d68c1e24644cdc6e015a0dff4e1cb5674a66aff22c1988aebc3253c3b786861f4c03c8006f5d2c848
-
SSDEEP
24576:qDv3/Mg+ReqnEHiwf29hq6ik68o62xzdJ8A52QqW7I2LOQSQ33R0Z:qERPwf2WZ18o62xzv8VmF
Static task
static1
Behavioral task
behavioral1
Sample
2.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
2.exe
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-