General
Target: bbd8b41c49eaee839da5fc62c999761efb835e7eb84f73cbf531cf0dd40c608b
Size: 8.2MB
Sample: 221005-edljyadcc5
MD5: 23150d8faa66ce23299e2c032b8fd62f
SHA1: 26c7c604d01f784931a3a95f1efeb56bfe1aec69
SHA256: bbd8b41c49eaee839da5fc62c999761efb835e7eb84f73cbf531cf0dd40c608b
SHA512: 17ae25cce526a5eb11202cc779f5d62fc45b14a4d547e2eb88694dc21c83fdb853731adfd7cb47fb3499f140ddedf61175415504a0c93cb2ed3b3f25e989f5e7
SSDEEP: 196608:JzxikPsLoM1ZPdUYcoV1alsmMzU5tReoS+P6n:JzIkP7M1ZP64alnB5t5SF
Behavioral task: behavioral1
Sample: bbd8b41c49eaee839da5fc62c999761efb835e7eb84f73cbf531cf0dd40c608b.exe
Resource: win7-20220812-en
Malware Config
Extracted
systembc
89.22.225.242:4193
195.2.93.22:4193
Targets
Target
bbd8b41c49eaee839da5fc62c999761efb835e7eb84f73cbf531cf0dd40c608b
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext