General
Target: zLp3CUahAnlpkiajyOpX.exe
Size: 6.4MB
Sample: 221019-dym3tsfbak
MD5: ecf783e90cf44af0f7ff863b80add904
SHA1: 54836ba96db90520b8693bc182c9d387eb94b32e
SHA256: 42c84b3413409d44402bbc57459a62d17687ceac75d7372d1dad0e01aa47ff7d
SHA512: c7302162c66816cdb87385a3bf178f88b048e3e766159b5f378480e49bca0edecd3351ebe2cdcf30753968c8384751fbc1057e0b9053de15b682b570a52fd5c6
SSDEEP: 196608:6I9CKlMfBXaGqXNMkm5p8shuq2IrousfFN:6IfSoGiArZ88rolfFN
Static task: static1
Behavioral task: behavioral1
Sample: zLp3CUahAnlpkiajyOpX.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: zLp3CUahAnlpkiajyOpX.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger