General
Target: 7d70dfefe3d06d699893f3dea83769448177a210b575b5f5331c209f89b541d8
Size: 802KB
Sample: 221106-kaawxsbga2
MD5: 3a249853728b45b7f9167700bde334bd
SHA1: 80cc1d21344f8e0403f6d86c45d7d95b925e5a5c
SHA256: 7d70dfefe3d06d699893f3dea83769448177a210b575b5f5331c209f89b541d8
SHA512: e6e5203969e3abd08564e705c3ab6140ab85e5eade2d5d57c9f668eb87524e3c05b4ddb115a7746d38ab1976cc702e3f71ef36c9f5a13c4b095b30cbfcceb6fa
SSDEEP: 24576:7i5+B+GT31CLJqlDBnprOT8oz57JEMyY8rWTDwHgcXNl:Uq+GDoJi3gyMSuK1
Static task: static1
Behavioral task: behavioral1
Sample: 7d70dfefe3d06d699893f3dea83769448177a210b575b5f5331c209f89b541d8.dll
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 7d70dfefe3d06d699893f3dea83769448177a210b575b5f5331c209f89b541d8.dll
Resource: win10v2004-20220901-en
Malware Config
Targets
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger