General
Target: boulder.dll
Size: 9.8MB
Sample: 220930-fjrtksceg3
MD5: 5da411ab2fa2543cfa19f5efdfb28f9b
SHA1: 220d4a6c59fcac9d036d530ec737576e7259a5d0
SHA256: 23cf42f273679addee762966ea00d7738a2ba27380087c59b7fc646f03a6f4db
SHA512: 84f9a08ff31355bac32313ee865cc795854390d95d8950a77de050d7c3a2057d1d405cd1aec2a9233e6902a7c3b1b6cf284ad1a80ba9f56e2221d25f17f48e69
SSDEEP: 196608:sSokuRK5a6hrR/ENcdd0dLD/OCm7rc5cmgThB+97Yc/0nNB6RNbs:gZkrJEeQvV35VEhzYQwY
Behavioral task
behavioral1
Sample: boulder.dll
Resource: win7-20220812-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger