General
-
Target
supervoicechanger-9-7-6-6.exe
-
Size
4.7MB
-
Sample
230315-aynsksce41
-
MD5
4b6b68dc27bc111303202b5984c7e4a7
-
SHA1
8bba5052ee13a9158a34892e4c8b1e9526d3b4cc
-
SHA256
1f99c907966636e8e0712d4171078ef3ad5f2fc838d690df1e17139e5744a20f
-
SHA512
047adf89ae49df27e14bbd8adf261c7fc631e02063fafa2a358fa178810c560254e58b21793074ba5b5defbc9ed2f91c0eb39739f4d777dc4bc3238a4f8b89a9
-
SSDEEP
98304:Z60sgkACFDbaIjl5ydTJEr0hIJ4xc789LgkbbLqeqO9CW1X:kDDFpA5JErJZw9L7P+TO9LB
Static task
static1
Malware Config
Targets
-
-
Target
supervoicechanger-9-7-6-6.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-