Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
97065f6e95349a8d708967e98786d58a294240be5b245bac8c03e049e8a6957e
-
Size
881KB
-
Sample
221030-s2n7mahdbq
-
MD5
819cdb4ca01762e5911433e9089612c0
-
SHA1
52502551c3aa53489f5dc5b10008f6287201159c
-
SHA256
97065f6e95349a8d708967e98786d58a294240be5b245bac8c03e049e8a6957e
-
SHA512
55f6ccc14a6e0d2001dda6e748bed61f7a24efa66919a3cf122f20e27aaee3d6594084cc3c75accbdb5d1732b8b4112a390ce3ecc3ecddf6b47f15a1b12d3a03
-
SSDEEP
12288:t9NWCNX8CfYUW2SSPALm6KEj+YYiASpUQlzuQqiuOf5zpzoGxQNVb4Ky7Gd4LmrP:t9MCwX2Se6K5jSpFlaiu2hhx0pmLmnj
Static task
static1
Behavioral task
behavioral1
Sample
97065f6e95349a8d708967e98786d58a294240be5b245bac8c03e049e8a6957e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
97065f6e95349a8d708967e98786d58a294240be5b245bac8c03e049e8a6957e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
97065f6e95349a8d708967e98786d58a294240be5b245bac8c03e049e8a6957e
-
Size
881KB
-
MD5
819cdb4ca01762e5911433e9089612c0
-
SHA1
52502551c3aa53489f5dc5b10008f6287201159c
-
SHA256
97065f6e95349a8d708967e98786d58a294240be5b245bac8c03e049e8a6957e
-
SHA512
55f6ccc14a6e0d2001dda6e748bed61f7a24efa66919a3cf122f20e27aaee3d6594084cc3c75accbdb5d1732b8b4112a390ce3ecc3ecddf6b47f15a1b12d3a03
-
SSDEEP
12288:t9NWCNX8CfYUW2SSPALm6KEj+YYiASpUQlzuQqiuOf5zpzoGxQNVb4Ky7Gd4LmrP:t9MCwX2Se6K5jSpFlaiu2hhx0pmLmnj
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-