General
Target
f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5
Size
1.8MB
Sample
221125-1lacjagh82
MD5
3c24dd3aeecda6634fcd0795c9efad25
SHA1
f832dc72a0ee21f5b54097a8746b0720be450a16
SHA256
f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5
SHA512
6527c7fca467e89d777914608977d3c753e54b623f06c64d67df217ecc22d10f47b9d5e39626addd3f32a51c23b541d71d2d81a183270f00b8271f56ee41df48
SSDEEP
49152:EgPY/gWJU8inIxGt+WbgMLz/oB88QkaoY2TQ1K9f0JDMG:iiIAt+GDLz/Q9aoC1KuJDM
Static task
static1
Behavioral task
behavioral1
Sample
f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Drops startup file

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger