General
-
Target
8d481234b9cb8ea2c2b61d5e8a0a706d1029d0ca2b3887ff3e5af03d27f1963a
-
Size
1.8MB
-
Sample
221006-yleadaafgl
-
MD5
6e524d4c8901448b3c6481b4b574d97c
-
SHA1
279f91fbe2bc18fb93caa79ce1beb893ed3eb3f7
-
SHA256
8d481234b9cb8ea2c2b61d5e8a0a706d1029d0ca2b3887ff3e5af03d27f1963a
-
SHA512
7731004f0a9e11cf0d12e391fc7c7e2b92edb5dff1a2d724852eac386dee5c8331ed957e250351be50cbba2dbda6aeba20cb0d1390b892bfabcc052041f14cf2
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
-
Target
8d481234b9cb8ea2c2b61d5e8a0a706d1029d0ca2b3887ff3e5af03d27f1963a
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-