General
Target: fc79578491fc873a67d446cc6f7cc4df92c589516e2c7bc7b2d418823838d97c
Size: 3.4MB
Sample: 230315-f2j7fsbf97
MD5: c15dcae56336f681ea1dd5aad33bb62b
SHA1: dec7bdfc4c06c2f1475e9159916da6fd05c7fc36
SHA256: fc79578491fc873a67d446cc6f7cc4df92c589516e2c7bc7b2d418823838d97c
SHA512: 4e799450778e10b009e9e81771537b24d05a52cc6799ec869e46327f07b0d68acd478156c4370947aac11e55f69483f422c3f5a00baa878588001fe10c8e2e7b
SSDEEP: 49152:onrbOKMFrJmsf6/HAv4fVCnoYcNmCCyQaxfrLkWUhsZz2RNRenjqc4i3PHkVgXIf:YaEU6/HWQ4noYOCtapQX9ejqcT3/SgYf
Static task
static1
Behavioral task
behavioral1
Sample
fc79578491fc873a67d446cc6f7cc4df92c589516e2c7bc7b2d418823838d97c.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
fc79578491fc873a67d446cc6f7cc4df92c589516e2c7bc7b2d418823838d97c
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Suspicious use of SetThreadContext
-