General

  • Target

    89559c4954df47871b4a9cebab8f2347.bin

  • Size

    15.1MB

  • Sample

    230131-krw6gshd8x

  • MD5

    89559c4954df47871b4a9cebab8f2347

  • SHA1

    045966c65dc3a145a9dd437737e6206dd9869f0f

  • SHA256

    a6270cc54b6be66c1f0e5288fc5cd2dcf3eba4a2c9c30db73fa2c6bc401413cd

  • SHA512

    ed56c2a9a5e7098434fd9fd563cf4d905cb1fa46a1fb49f106292b06db892f38eba71f7b586d4eb227de6b151f8d5584c358f765e84b17f843492736a047d8c8

  • SSDEEP

    393216:uhaZXBbufumA7BuRQ6rakWPcCfWE/qxlxvj59hnPYUr7Y:gIRAumBvraU6WXzj5bnXc

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks