General

  • Target

    8d481234b9cb8ea2c2b61d5e8a0a706d1029d0ca2b3887ff3e5af03d27f1963a

  • Size

    1.8MB

  • Sample

    221006-yleadaafgl

  • MD5

    6e524d4c8901448b3c6481b4b574d97c

  • SHA1

    279f91fbe2bc18fb93caa79ce1beb893ed3eb3f7

  • SHA256

    8d481234b9cb8ea2c2b61d5e8a0a706d1029d0ca2b3887ff3e5af03d27f1963a

  • SHA512

    7731004f0a9e11cf0d12e391fc7c7e2b92edb5dff1a2d724852eac386dee5c8331ed957e250351be50cbba2dbda6aeba20cb0d1390b892bfabcc052041f14cf2

  • SSDEEP

    49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

Score
9/10

Malware Config

Targets

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS vendor and product strings in the registry are commonly read to recognise virtualised or sandboxed hosts.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
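
The four behavioural signatures listed above are the kind of verdict a triage pipeline derives from an API and registry trace of the sample. The Python below is an added example, not tria.ge's own signature engine: it runs the same four checks over a constructed trace. The event dict format, the operation names and the sample events are assumptions made for this example; the registry paths, the VirtualBox ACPI OEM ID `VBOX__` and the `ThreadHideFromDebugger` information class (0x11) are the real Windows artefacts the signatures refer to. It also normalises the three spellings a trace may use for the machine hive (`\REGISTRY\MACHINE\`, `HKLM\`, `HKEY_LOCAL_MACHINE\`), which is where naive path matching usually breaks.

```python
"""Flag anti-VM, anti-sandbox and anti-debug behaviour in a sandbox event trace.

Added example (not tria.ge code). Event format is constructed for this example:
a list of dicts with an "op" and either a registry "path" (key path, with the
value name appended for query events) or an NtSetInformationThread "info_class".
"""
import re
from typing import Iterable, Optional, Set

# THREADINFOCLASS value for ThreadHideFromDebugger. Once set, the thread stops
# reporting debug events (breakpoints, exceptions) to an attached debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Signature names as tria.ge reports them.
SIG_VBOX_ACPI = "Identifies VirtualBox via ACPI registry values"
SIG_BIOS = "Checks BIOS information in registry"
SIG_UAC = "Checks whether UAC is enabled"
SIG_HIDE_FROM_DEBUGGER = "Suspicious use of NtSetInformationThreadHideFromDebugger"

# Prefixes a trace may use for the machine hive: kernel object path, Win32
# short name, Win32 long name.
_HKLM_PREFIX = re.compile(r"^(\\REGISTRY\\MACHINE\\|HKLM\\|HKEY_LOCAL_MACHINE\\)", re.I)

# VirtualBox guests ship ACPI tables with OEM ID "VBOX__", which Windows
# mirrors as subkeys under HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}.
_ACPI_VBOX = re.compile(r"^HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__(\\|$)", re.I)

# Firmware strings Windows exposes: the BIOS key (SystemManufacturer,
# SystemProductName, BIOSVendor, ...) and the legacy values beside it.
_BIOS = re.compile(
    r"^HARDWARE\\DESCRIPTION\\SYSTEM\\"
    r"(BIOS(\\|$)|(SYSTEMBIOSVERSION|SYSTEMBIOSDATE|VIDEOBIOSVERSION)$)",
    re.I,
)

# EnableLUA == 0 means UAC is off; malware reads it to decide whether an
# elevation step is needed before touching protected locations.
_UAC = re.compile(
    r"^SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\SYSTEM\\ENABLELUA$", re.I
)

REGISTRY_OPS = {"RegOpenKey", "RegQueryValue", "RegEnumKey"}


def normalize_hklm(path: str) -> Optional[str]:
    """Return the path relative to HKLM, or None if it is in another hive."""
    m = _HKLM_PREFIX.match(path)
    return None if m is None else path[m.end():]


def classify(events: Iterable[dict]) -> Set[str]:
    """Return the set of signature names triggered by the trace."""
    hits: Set[str] = set()
    for ev in events:
        op = ev.get("op")
        if op in REGISTRY_OPS:
            rel = normalize_hklm(ev.get("path", ""))
            if rel is None:
                continue  # HKCU etc. are irrelevant to these four checks
            if _ACPI_VBOX.match(rel):
                hits.add(SIG_VBOX_ACPI)
            if _BIOS.match(rel):
                hits.add(SIG_BIOS)
            if _UAC.match(rel):
                hits.add(SIG_UAC)
        elif op == "NtSetInformationThread" and ev.get("info_class") == THREAD_HIDE_FROM_DEBUGGER:
            hits.add(SIG_HIDE_FROM_DEBUGGER)
    return hits


# Constructed trace: four true positives plus two benign events that must not fire.
SAMPLE_EVENTS = [
    {"op": "RegOpenKey", "path": r"HKLM\HARDWARE\ACPI\DSDT\VBOX__"},
    {"op": "RegQueryValue",
     "path": r"\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer"},
    {"op": "RegQueryValue",
     "path": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    {"op": "NtSetInformationThread", "info_class": THREAD_HIDE_FROM_DEBUGGER},
    {"op": "RegOpenKey", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
    {"op": "NtSetInformationThread", "info_class": 0x0},  # ThreadBasicInformation
]

BENIGN_EVENTS = SAMPLE_EVENTS[4:]

if __name__ == "__main__":
    for sig in sorted(classify(SAMPLE_EVENTS)):
        print("HIT:", sig)
```

Run as a script it prints the four signatures for the constructed trace and nothing for the two benign events. The check on `HKCU` paths and on `info_class` 0 is deliberate: a real trace is dominated by such noise, and matching `NtSetInformationThread` without the information class, or `VBOX` anywhere in any path, is how a signature ends up firing on clean software.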

MITRE ATT&CK Enterprise v6

Tasks