Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b58b57edcb3e835e7af3e35d2fcf560336c8af6ce0d04aeb9c1fdc64b5840588
-
Size
556KB
-
Sample
221029-zm8faafcbp
-
MD5
84f7045e0d9adf61b6324a417b8795d0
-
SHA1
606b249b429c8cf269f35a4adb2ee7d2b168a338
-
SHA256
b58b57edcb3e835e7af3e35d2fcf560336c8af6ce0d04aeb9c1fdc64b5840588
-
SHA512
5fd62fd6af271e64d00ec66dcb6c950e558a1be91678bddb418aa0a239babb231fa84cd07978398c63b1a801c6430b8a7fb9c15ed51986f70ecba975dc803728
-
SSDEEP
12288:Im33qtExkDx/b+NXdJqDBpwYxaPTpU51DQPZUNVnILwuQhNajv/OD5wziM:H3Tkx8XdADzwpT81DQBUvILwrhcjvyQ
Behavioral task
behavioral1
Sample
b58b57edcb3e835e7af3e35d2fcf560336c8af6ce0d04aeb9c1fdc64b5840588.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
b58b57edcb3e835e7af3e35d2fcf560336c8af6ce0d04aeb9c1fdc64b5840588
-
Size
556KB
-
MD5
84f7045e0d9adf61b6324a417b8795d0
-
SHA1
606b249b429c8cf269f35a4adb2ee7d2b168a338
-
SHA256
b58b57edcb3e835e7af3e35d2fcf560336c8af6ce0d04aeb9c1fdc64b5840588
-
SHA512
5fd62fd6af271e64d00ec66dcb6c950e558a1be91678bddb418aa0a239babb231fa84cd07978398c63b1a801c6430b8a7fb9c15ed51986f70ecba975dc803728
-
SSDEEP
12288:Im33qtExkDx/b+NXdJqDBpwYxaPTpU51DQPZUNVnILwuQhNajv/OD5wziM:H3Tkx8XdADzwpT81DQBUvILwrhcjvyQ
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-