Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6ab78854638add0e49f0f38d3acc9a6ab8170b894abbe4a3ff75f9e9cdd56a20
-
Size
791KB
-
Sample
221021-bnvc2seec9
-
MD5
5d33cc37d85282a9dc091894161d8680
-
SHA1
42c7336b1e114c87ddca70d9aa4d5f7758422dc6
-
SHA256
6ab78854638add0e49f0f38d3acc9a6ab8170b894abbe4a3ff75f9e9cdd56a20
-
SHA512
6434933e121bced2b462ea42486135e246cdbeda3e4d44a926c67b170abaaf08ea81396bcc4832673e4b5aa05e4826e80b617e6e1b484fa460ed6d2b3b96410c
-
SSDEEP
12288:1vRIbynUDUBKahiLPTcIjWOb6I9t4lrjArICyeJKwqIGGtpQAHwGGskqGsj6SqaY:Cvru4wZHlvnMKXIn6AHZnqaak
Static task
static1
Behavioral task
behavioral1
Sample
6ab78854638add0e49f0f38d3acc9a6ab8170b894abbe4a3ff75f9e9cdd56a20.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6ab78854638add0e49f0f38d3acc9a6ab8170b894abbe4a3ff75f9e9cdd56a20.dll
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
6ab78854638add0e49f0f38d3acc9a6ab8170b894abbe4a3ff75f9e9cdd56a20
-
Size
791KB
-
MD5
5d33cc37d85282a9dc091894161d8680
-
SHA1
42c7336b1e114c87ddca70d9aa4d5f7758422dc6
-
SHA256
6ab78854638add0e49f0f38d3acc9a6ab8170b894abbe4a3ff75f9e9cdd56a20
-
SHA512
6434933e121bced2b462ea42486135e246cdbeda3e4d44a926c67b170abaaf08ea81396bcc4832673e4b5aa05e4826e80b617e6e1b484fa460ed6d2b3b96410c
-
SSDEEP
12288:1vRIbynUDUBKahiLPTcIjWOb6I9t4lrjArICyeJKwqIGGtpQAHwGGskqGsj6SqaY:Cvru4wZHlvnMKXIn6AHZnqaak
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-