General

  • Target

    9d2567186d3a196374a2d2bcde216cabe171a8412e5de385e3b2337597d6d18c

  • Size

    2.6MB

  • Sample

    221126-1pdt5abd7t

  • MD5

    4bfaf4334b36db4e10e1c7e63a6889af

  • SHA1

    77b2ee9f7e39d548f42da877bda97bff83e9315e

  • SHA256

    9d2567186d3a196374a2d2bcde216cabe171a8412e5de385e3b2337597d6d18c

  • SHA512

    4546dc9ba1180038c2f2015c0db1cbed07ac3a042010c2f232104b2e60c7f36614208fa648f7183da99a4c301a0cd9a721eecabd0ca3588c57aa465de312d8d9

  • SSDEEP

    49152:gfJ3tfIakU9sxt4jL148SgiQbEf1AnjxN3NIy0kbp0ik1LrhPm:gfJ9fRkU9sxtQOgPbaajxzIobp0iE

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
