
General

  • Target

    b58b57edcb3e835e7af3e35d2fcf560336c8af6ce0d04aeb9c1fdc64b5840588

  • Size

    556KB

  • Sample

    221029-zm8faafcbp

  • MD5

    84f7045e0d9adf61b6324a417b8795d0

  • SHA1

    606b249b429c8cf269f35a4adb2ee7d2b168a338

  • SHA256

    b58b57edcb3e835e7af3e35d2fcf560336c8af6ce0d04aeb9c1fdc64b5840588

  • SHA512

    5fd62fd6af271e64d00ec66dcb6c950e558a1be91678bddb418aa0a239babb231fa84cd07978398c63b1a801c6430b8a7fb9c15ed51986f70ecba975dc803728

  • SSDEEP

    12288:Im33qtExkDx/b+NXdJqDBpwYxaPTpU51DQPZUNVnILwuQhNajv/OD5wziM:H3Tkx8XdADzwpT81DQBUvILwrhcjvyQ

Score
7/10

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calling NtSetInformationThread with the ThreadHideFromDebugger information class hides a thread from an attached debugger, a common anti-debugging technique.
