General
- Target: b95bfc4e7ce7a1d15332d4cd6c350ca800f437dbfe903c0c47cf01afb09b137c
- Size: 1.4MB
- Sample: 221026-n6m3xafed4
- MD5: c6688ae7a75cc1f8e8969205542a198c
- SHA1: 25c8a2fdfcbb38f2b47a445a1e0bbfa730d7c038
- SHA256: b95bfc4e7ce7a1d15332d4cd6c350ca800f437dbfe903c0c47cf01afb09b137c
- SHA512: 7c70f40c2fe099d414f9e70f0c3e304da601ccc39288dae13f33937ce2e8c239e1e2711bdfd57aa07aa6d39f4dd86c2355307b164c5a34d1d93d7b8b5b56dcb4
- SSDEEP: 24576:incstcaeq+8myRyQuboSPUOqweufzdElLVNEXNqEJPaDldCVEuK/atCWM:AtSq+8myAQuboSPCwRLK+XgQCXtry/M
Static task
static1
Malware Config
Extracted
- Family: vidar
- Version: 55.2
- Botnet: 1754
- C2: https://t.me/slivetalks
- C2: https://c.im/@xinibin420
- profile_id: 1754
Targets
- Target: b95bfc4e7ce7a1d15332d4cd6c350ca800f437dbfe903c0c47cf01afb09b137c (1.4MB; same file and hashes as listed under General)
Signatures
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings: looks up the country code configured in the registry, likely geofencing.
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of NtSetInformationThreadHideFromDebugger