Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    zLp3CUahAnlpkiajyOpX.exe

  • Size

    6.4MB

  • Sample

    221019-dym3tsfbak

  • MD5

    ecf783e90cf44af0f7ff863b80add904

  • SHA1

    54836ba96db90520b8693bc182c9d387eb94b32e

  • SHA256

    42c84b3413409d44402bbc57459a62d17687ceac75d7372d1dad0e01aa47ff7d

  • SHA512

    c7302162c66816cdb87385a3bf178f88b048e3e766159b5f378480e49bca0edecd3351ebe2cdcf30753968c8384751fbc1057e0b9053de15b682b570a52fd5c6

  • SSDEEP

    196608:6I9CKlMfBXaGqXNMkm5p8shuq2IrousfFN:6IfSoGiArZ88rolfFN

Score
9/10

Malware Config

Targets

    • Target

      zLp3CUahAnlpkiajyOpX.exe

    • Size

      6.4MB

    • MD5

      ecf783e90cf44af0f7ff863b80add904

    • SHA1

      54836ba96db90520b8693bc182c9d387eb94b32e

    • SHA256

      42c84b3413409d44402bbc57459a62d17687ceac75d7372d1dad0e01aa47ff7d

    • SHA512

      c7302162c66816cdb87385a3bf178f88b048e3e766159b5f378480e49bca0edecd3351ebe2cdcf30753968c8384751fbc1057e0b9053de15b682b570a52fd5c6

    • SSDEEP

      196608:6I9CKlMfBXaGqXNMkm5p8shuq2IrousfFN:6IfSoGiArZ88rolfFN

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks