Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
86335b1a4569b3c541ab4b8700b9619d7656377e2782cedc33a61f1aa71df331
-
Size
2.1MB
-
Sample
221202-z9mr4aeh59
-
MD5
cea81ff610a60c5d610cbb560f3ac11c
-
SHA1
3c156b23350bb3aeb792b34501e4451f378c867e
-
SHA256
86335b1a4569b3c541ab4b8700b9619d7656377e2782cedc33a61f1aa71df331
-
SHA512
c431645c2ec3749f7cbe49737772efab5b4c5ece382babd15a679fb9605c5f4eda56f2c7377bf2cd2ef21eafdf8c2f2b713882ff9f7fe05740e4f947a2a27919
-
SSDEEP
24576:++EcNtJQgTwgdBRjutVZwkjSaXdxnWLGxHuLAaBmvlCUDUSqf88oG7MiRh68MiCb:FNHbTxkhWLwH+38vxgDaN3CN+
Malware Config
Targets
-
-
Target
86335b1a4569b3c541ab4b8700b9619d7656377e2782cedc33a61f1aa71df331
-
Size
2.1MB
-
MD5
cea81ff610a60c5d610cbb560f3ac11c
-
SHA1
3c156b23350bb3aeb792b34501e4451f378c867e
-
SHA256
86335b1a4569b3c541ab4b8700b9619d7656377e2782cedc33a61f1aa71df331
-
SHA512
c431645c2ec3749f7cbe49737772efab5b4c5ece382babd15a679fb9605c5f4eda56f2c7377bf2cd2ef21eafdf8c2f2b713882ff9f7fe05740e4f947a2a27919
-
SSDEEP
24576:++EcNtJQgTwgdBRjutVZwkjSaXdxnWLGxHuLAaBmvlCUDUSqf88oG7MiRh68MiCb:FNHbTxkhWLwH+38vxgDaN3CN+
Score10/10-
Modifies security service
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-