General

  • Target

    0xcheat.zip

  • Size

    8.8MB

  • Sample

    230717-1jn3xaeh79

  • MD5

    f16d7af20042d713fabab2676fd28148

  • SHA1

    60ad53e69d4310c926d8da2c8812dcff0609b5f8

  • SHA256

    c50cbc77f3855f6d2cf5ce2ee5f3106866773a9717da99bd7a9da50418a08f10

  • SHA512

    72f0446b3e1eed4a1f28b37937549a5f918134972a6ebf0f59ce090a7779507ae303924f88f127c27212901b8583c23e081fed0b60a87705e11ea48fe49f689f

  • SSDEEP

    196608:V8E3v3ebPr3Iw6ocsaqYgRPOAeS+hs0P2SrtnMfI1V0XJaog:yE3vubbQnglO7S6/rVH2Xoog

Score
9/10

Targets

    • Target

      0xcheat.zip

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Stops running service(s)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
