Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d

  • Size

    806KB

  • Sample

    221019-2awbasbbbj

  • MD5

    915dfb806d8e7939270c8495ca762a1d

  • SHA1

    be41eb6b9d5bf7cd2f9c6f6df63ea348313eabf2

  • SHA256

    867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d

  • SHA512

    807c0b2e30b17a200444c4b56c95a44b9308d4a5faf4849e81b8f905575a70b987c9bd743168b090ae0d93e5237f3fe9c3877ad07399d24f9d28fc16b86743ad

  • SSDEEP

    24576:hKjJTKU7ML0UeHeCPZhalSQGpzKKvLfx9vCKo0pSFwGSpj:hKjsUQwUehZhB1rDXvNgc

Score
9/10

Malware Config

Targets

    • Target

      867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d

    • Size

      806KB

    • MD5

      915dfb806d8e7939270c8495ca762a1d

    • SHA1

      be41eb6b9d5bf7cd2f9c6f6df63ea348313eabf2

    • SHA256

      867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d

    • SHA512

      807c0b2e30b17a200444c4b56c95a44b9308d4a5faf4849e81b8f905575a70b987c9bd743168b090ae0d93e5237f3fe9c3877ad07399d24f9d28fc16b86743ad

    • SSDEEP

      24576:hKjJTKU7ML0UeHeCPZhalSQGpzKKvLfx9vCKo0pSFwGSpj:hKjsUQwUehZhB1rDXvNgc

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks