General
-
Target
cc17a2ff14ae0f1457abbb990c2612a5503c96ddfa5916bb2a1a8dad2e16238c.zip
-
Size
3.3MB
-
Sample
230321-rz2jhadc8v
-
MD5
41cc2fc1f90c9c4727b2220e3cd0fdc4
-
SHA1
efad5e71e5b09e4d0eb7037d82c5cfdce21f4a85
-
SHA256
3a89fa6a4abebabffcd836859898bda1dda9b42883c7bb6b9cd35a16ade708be
-
SHA512
5591d3bfb6043e0166e5456a9cbb528e46bd15f3c7f6b560296f73f94fa4138fecd297567e6d5ed1738fdf28a9034e8277529b63f319c86c2175eb443e6e98b9
-
SSDEEP
49152:5UOvvyAiMNvDjdJoHdefEW28ngnBgQ75dhqdaJiZKrS7V1W89hIZ8NDq5uIFNtyG:5By38g4MGgBgQNngjoukVBEoB
Behavioral task
behavioral1
Sample
cc17a2ff14ae0f1457abbb990c2612a5503c96ddfa5916bb2a1a8dad2e16238c.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
cc17a2ff14ae0f1457abbb990c2612a5503c96ddfa5916bb2a1a8dad2e16238c.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
cc17a2ff14ae0f1457abbb990c2612a5503c96ddfa5916bb2a1a8dad2e16238c.exe
-
Size
3.4MB
-
MD5
1dcfb969cf87e2e4cb9bb4a56e750e15
-
SHA1
c0d398d156582131a4dca76bdb85cf6e3342d68c
-
SHA256
cc17a2ff14ae0f1457abbb990c2612a5503c96ddfa5916bb2a1a8dad2e16238c
-
SHA512
f6b9bed8db1012566c80dec02471a6af4a052bf62361f0a51432340960b7cc5b776b384458a47aa462b3f6fa1fd507c0d05f1b5d74216402447d9dfa25771b5b
-
SSDEEP
49152:Mvcs1F4p7LFsNqzfQX6mqDHLvtf2YyAqRZEI/1Tag5rTIluaYdfPKrpjJwebZVTL:MPFUz1DHdgBd26TrPsV2gTgikq
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-