General

  • Target

    b7abf3965ad21c9abdd8a54d36c5b28beeefe13948bd5c1ff9d27195b20024f0

  • Size

    1.8MB

  • Sample

    220929-x4w3gacgdm

  • MD5

    3f16503c9c363f3ada46a5718e4ad98e

  • SHA1

    9ccff0c044bb392db3376006bfc7d0b44ffc75e5

  • SHA256

    b7abf3965ad21c9abdd8a54d36c5b28beeefe13948bd5c1ff9d27195b20024f0

  • SHA512

    a832f5aa0c9b35b4576d23fdada21fa309efb07ab0f5d8a9c275d8ebf352552442d76f3232d81e33545787eaad5dd7bfbeed42f9661473ece6eef3e50bb72746

  • SSDEEP

    49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

Score
9/10

Targets

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
