Resubmissions
03/07/2023, 16:37
230703-t42feahb49 10General
Target: Midnight.exe
Size: 8.1MB
Sample: 230703-t42feahb49
MD5: 6f11c5992143140763a08fefa9d84f21
SHA1: 713974e0aa9a2f75033de31347ac4197cede11c6
SHA256: f2fa9c083abe324d132d6e687caf1b7f5825e9a12dc6e2dd9ff40cf3aebafb03
SHA512: 9929f0aff403a317f8946285aef94b42fab6451f39dd206017977b7770c7eaab6672cc351fe164057a66c228e972fbca6766b820c9210c7777a6da5ac1bf29c0
SSDEEP: 196608:VQZxXEzlHtUwN2mRpnJWjLHXenG2KWpHFNRAnBdC:+XKlCNmvg3engKHCvC
Static task
static1
Malware Config
Targets
Suspicious use of NtCreateUserProcessOtherParentProcess
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Executes dropped EXE
Suspicious use of NtSetInformationThreadHideFromDebugger