General

  • Target

    f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2

  • Size

    844KB

  • Sample

    221030-ew2c4scgcn

  • MD5

    5260a2fed6633021f08357915fc08750

  • SHA1

    0b6a111d776ec11829ce05a354ca705a44797d9b

  • SHA256

    f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2

  • SHA512

    8494ce4c239e4f6f849de843021f2b42276f6ee05189e2edd0a8f6793ecaf472ac9a7deaee4b858b4c45386de7797623b3b9cfe58ec41273c6b71487492cd671

  • SSDEEP

    24576:oDSJtY1VsHzGFtHyLKDc2a9khoC7XXF8:oD6HHzKSLKQ21TXF

Score
9/10

Malware Config

Targets

    • Target

      f0f7cf9a133b7a22c26f2da01485aa2ee3a31feac53b40fc724757d66ba885e2

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks