General
-
Target
85e1ecc1992015d6f946a183ceaaf9e022fbcc36bdb2a7fa13bf2337f9c60c38
-
Size
998KB
-
Sample
221203-2ab8esee9v
-
MD5
fd4fa44ae6b548123f7b136fb1811be9
-
SHA1
426fe9207035c449b6fbd9e25bfeed5550e2bf94
-
SHA256
85e1ecc1992015d6f946a183ceaaf9e022fbcc36bdb2a7fa13bf2337f9c60c38
-
SHA512
457ba7a8acb1c0fd28bf143aa548dc8fb918d7edcf44ef83946e63a7ef95d3ba6a85caa49f80028e9f43522b8f62699c2af9794909e63f4391d95607cc70208f
-
SSDEEP
24576:UeVlmJUzOLgGGDu/DtJvTyHOeF/l43kdz5oy1p:UriSLgPDQDtJvaOeY3kdz5
Static task
static1
Behavioral task
behavioral1
Sample
85e1ecc1992015d6f946a183ceaaf9e022fbcc36bdb2a7fa13bf2337f9c60c38.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
85e1ecc1992015d6f946a183ceaaf9e022fbcc36bdb2a7fa13bf2337f9c60c38.dll
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
85e1ecc1992015d6f946a183ceaaf9e022fbcc36bdb2a7fa13bf2337f9c60c38
Score
7/10
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-