General
Target: 9656908ef92923f268a56bad8597742e.bin
Size: 10.8MB
Sample: 230413-b1xc6shh7z
MD5: 9656908ef92923f268a56bad8597742e
SHA1: 55c98438a78365e27b67b5dd8f2b750c31cc4b8f
SHA256: 58941ddaab5ecb07804f5ce07c6b8235e92328c2a8b8b5b2348ec9b0fbb68133
SHA512: 446d969ece471271c5ec0ac962119398c9cf659967a2788a14433953c75e73e7c3f87c87a540c41e63c25957cfec0727582ec86972f0afec0e932867e2d07380
SSDEEP: 196608:cYEHliAFTZxEIZOo7fgKotyHQvL7ZYrmh4nxoDjXHpl1RajX0kkD5ZLGmtr:cYEZDEeHbDoowvkmh4xKfajPgZamtr
Behavioral task: behavioral1
Sample: 9656908ef92923f268a56bad8597742e.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: 9656908ef92923f268a56bad8597742e.bin
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtCreateThreadExHideFromDebugger
- Suspicious use of NtSetInformationThreadHideFromDebugger