General
Target: d50748b418dc352001f3d20921549268758f9d2edddd3fea484a98f83ebd3227
Size: 7.1MB
Sample: 230301-wzyj3ahe55
MD5: 68557640db8a8e7225375079c5b74f58
SHA1: 41b0182f4683af9ac1444393539cad5480379b4f
SHA256: d50748b418dc352001f3d20921549268758f9d2edddd3fea484a98f83ebd3227
SHA512: 5253729192c55c74166ccc701e8440154970b8fc412b50b9d778f0bde9457e78babbe28c22e7384b5933f9406eb4ef0f6ce3031fe7284b5e29b775fc103e19e4
SSDEEP: 98304:93EiL1pkOfylVETSX8zBVOzbtscJeikbAF5:1l5bFi8NVbbPkF5
Static task: static1
Behavioral task: behavioral1
Sample: d50748b418dc352001f3d20921549268758f9d2edddd3fea484a98f83ebd3227.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: d50748b418dc352001f3d20921549268758f9d2edddd3fea484a98f83ebd3227
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Creates new service(s)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger