Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5

  • Size

    1.8MB

  • Sample

    221125-1lacjagh82

  • MD5

    3c24dd3aeecda6634fcd0795c9efad25

  • SHA1

    f832dc72a0ee21f5b54097a8746b0720be450a16

  • SHA256

    f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5

  • SHA512

    6527c7fca467e89d777914608977d3c753e54b623f06c64d67df217ecc22d10f47b9d5e39626addd3f32a51c23b541d71d2d81a183270f00b8271f56ee41df48

  • SSDEEP

    49152:EgPY/gWJU8inIxGt+WbgMLz/oB88QkaoY2TQ1K9f0JDMG:iiIAt+GDLz/Q9aoC1KuJDM

Score
9/10

Malware Config

Targets

    • Target

      f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5

    • Size

      1.8MB

    • MD5

      3c24dd3aeecda6634fcd0795c9efad25

    • SHA1

      f832dc72a0ee21f5b54097a8746b0720be450a16

    • SHA256

      f30a867942507beb73c0870195da6c4a5a937781c5e07c279ea2f0c1d391e9c5

    • SHA512

      6527c7fca467e89d777914608977d3c753e54b623f06c64d67df217ecc22d10f47b9d5e39626addd3f32a51c23b541d71d2d81a183270f00b8271f56ee41df48

    • SSDEEP

      49152:EgPY/gWJU8inIxGt+WbgMLz/oB88QkaoY2TQ1K9f0JDMG:iiIAt+GDLz/Q9aoC1KuJDM

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Drops startup file

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks