Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9d2567186d3a196374a2d2bcde216cabe171a8412e5de385e3b2337597d6d18c
-
Size
2.6MB
-
Sample
221126-1pdt5abd7t
-
MD5
4bfaf4334b36db4e10e1c7e63a6889af
-
SHA1
77b2ee9f7e39d548f42da877bda97bff83e9315e
-
SHA256
9d2567186d3a196374a2d2bcde216cabe171a8412e5de385e3b2337597d6d18c
-
SHA512
4546dc9ba1180038c2f2015c0db1cbed07ac3a042010c2f232104b2e60c7f36614208fa648f7183da99a4c301a0cd9a721eecabd0ca3588c57aa465de312d8d9
-
SSDEEP
49152:gfJ3tfIakU9sxt4jL148SgiQbEf1AnjxN3NIy0kbp0ik1LrhPm:gfJ9fRkU9sxtQOgPbaajxzIobp0iE
Static task
static1
Behavioral task
behavioral1
Sample
9d2567186d3a196374a2d2bcde216cabe171a8412e5de385e3b2337597d6d18c.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
9d2567186d3a196374a2d2bcde216cabe171a8412e5de385e3b2337597d6d18c
-
Size
2.6MB
-
MD5
4bfaf4334b36db4e10e1c7e63a6889af
-
SHA1
77b2ee9f7e39d548f42da877bda97bff83e9315e
-
SHA256
9d2567186d3a196374a2d2bcde216cabe171a8412e5de385e3b2337597d6d18c
-
SHA512
4546dc9ba1180038c2f2015c0db1cbed07ac3a042010c2f232104b2e60c7f36614208fa648f7183da99a4c301a0cd9a721eecabd0ca3588c57aa465de312d8d9
-
SSDEEP
49152:gfJ3tfIakU9sxt4jL148SgiQbEf1AnjxN3NIy0kbp0ik1LrhPm:gfJ9fRkU9sxtQOgPbaajxzIobp0iE
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-