Resubmissions

03/03/2023, 06:07

230303-gvgy7afh5x 9

03/03/2023, 06:03

230303-gsfcksgd64 1

03/03/2023, 05:58

230303-gpdpksfh4v 7

03/03/2023, 05:55

230303-gmxpnsgd56 7

General

  • Target

    RadioBOSS_6.2.4.2.zip

  • Size

    108.9MB

  • Sample

    230303-gvgy7afh5x

  • MD5

    16022958ba6cc17700a13a0360089188

  • SHA1

    7cdd6af325cb538c7d00b5ec0abb9af9dd0fffc1

  • SHA256

    9520d8db7ed585a6a68711aa26b9ca565c0c09a3274ea39168cf8f7732fa31c0

  • SHA512

    8c75fe200461e9a8e177f75c1d4309ff48608cde2666ec48418743e468908a0984b086e3dc90ba41fbc14002e2db02b5271cc26c293e0d26ddde291886ba38aa

  • SSDEEP

    1572864:hajMFkztqEKQvMsHYpzhwLo1o7grCdNwdGyjZN2PP3QfR0Qrftjn2lMMXJV1vJjp:haek2n8Ypa+oPdNw4QcPPYRHfADf/9b

Malware Config

Targets

    • Target

      RadioBOSS_6.2.4.2.zip

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks