General
Target: 867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d
Size: 806KB
Sample: 221019-2awbasbbbj
MD5: 915dfb806d8e7939270c8495ca762a1d
SHA1: be41eb6b9d5bf7cd2f9c6f6df63ea348313eabf2
SHA256: 867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d
SHA512: 807c0b2e30b17a200444c4b56c95a44b9308d4a5faf4849e81b8f905575a70b987c9bd743168b090ae0d93e5237f3fe9c3877ad07399d24f9d28fc16b86743ad
SSDEEP: 24576:hKjJTKU7ML0UeHeCPZhalSQGpzKKvLfx9vCKo0pSFwGSpj:hKjsUQwUehZhB1rDXvNgc
Static task: static1

Behavioral task: behavioral1
Sample: 867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d.dll
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d.dll
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: 867c88b3ca10a3cee73ee5494ebf49dd534787150a647d49ec9fed9f56674a5d
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger