General
- Target: Electron.zip
- Size: 4.0MB
- Sample: 230608-k2lshadd92
- MD5: 97076579ad60bab9d10873ce2919a6cc
- SHA1: d6c75777c0d5fc972f706b67ca9a67b6c9c1edc0
- SHA256: 3ed7846a7c6517e3cdd5f964d9092bf4cd12aa949e017557809b1c0919c2746b
- SHA512: 8a69b425b0c90446a675a6e56ce815975a50083d25623e053b769ed922b967528c375d8f247c74eb9c6181d2eb16cb465dbc21887f6044deec313bbc5b477a0d
- SSDEEP: 98304:fCAG9ljur60nkCXKNLzXhjpsB1uo8rsVF2ImbxXd2Be2WyL:fCXjuO0nkTC4o6RZ2Z
Static task
static1
Behavioral task
behavioral1
Sample
Electron/Electron.exe
Resource
win7-20230220-en
Malware Config
Targets
- Target: Electron/Electron.exe
- Size: 4.1MB
- MD5: 9dd5ee5f8f58e4205ebe25ca7a356219
- SHA1: 7365b4096294b791b173803ddfd768186521793f
- SHA256: 46797e761cfacad8b3b3fddf4990b0b55f87a0ab76b8d949818ff7904744e0eb
- SHA512: b38724047946ec37605beeacb165de185e8e360682ccda28351033ab7ee13408165791f2030469b98347dad038b9ff776c6392ffd57526a8c120272012513a1c
- SSDEEP: 98304:YEc1bNmfyMj4guXdLdiXx+Rton9QTj53C8f93S8b+m9axAm:YhNmaMj4gCwxwton0jNeGmA
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger