General
-
Target
7f8214a5ab0d111f313f594fe57f41f330a8883e69d1f596b4089e2f3937e683
-
Size
823KB
-
Sample
221030-pws2vabhhp
-
MD5
937a1b4613a2109448103c318cb7ab10
-
SHA1
1ac5bc876ec8026d57ce67fde624fab848f7b8d1
-
SHA256
7f8214a5ab0d111f313f594fe57f41f330a8883e69d1f596b4089e2f3937e683
-
SHA512
28db39b653ab91429546198a838cf4dd361f85a71a435aa825d49fab74273886b5225388d92b884ac7b6ae50eaf467b644caf76ad753e5fe114187fb6b89e2ba
-
SSDEEP
24576:QZJ+3Rbxv7mctSdkeXofT/+brY2Qwz+Rq7ISoZ:Go5xv7mcseeXr0IsS+
Static task
static1
Behavioral task
behavioral1
Sample
7f8214a5ab0d111f313f594fe57f41f330a8883e69d1f596b4089e2f3937e683.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7f8214a5ab0d111f313f594fe57f41f330a8883e69d1f596b4089e2f3937e683.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-