General
Target: f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2
Size: 844KB
Sample: 221030-ew2c4scgcn
MD5: 5260a2fed6633021f08357915fc08750
SHA1: 0b6a111d776ec11829ce05a354ca705a44797d9b
SHA256: f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2
SHA512: 8494ce4c239e4f6f849de843021f2b42276f6ee05189e2edd0a8f6793ecaf472ac9a7deaee4b858b4c45386de7797623b3b9cfe58ec41273c6b71487492cd671
SSDEEP: 24576:oDSJtY1VsHzGFtHyLKDc2a9khoC7XXF8:oD6HHzKSLKQ21TXF
Static task: static1
Behavioral task: behavioral1
  Sample: f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2.dll
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2.dll
  Resource: win10v2004-20220901-en
Malware Config
Targets
Target: f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Suspicious use of NtSetInformationThreadHideFromDebugger