General
Target: 0xcheat.zip
Size: 8.8MB
Sample: 230717-1jn3xaeh79
MD5: f16d7af20042d713fabab2676fd28148
SHA1: 60ad53e69d4310c926d8da2c8812dcff0609b5f8
SHA256: c50cbc77f3855f6d2cf5ce2ee5f3106866773a9717da99bd7a9da50418a08f10
SHA512: 72f0446b3e1eed4a1f28b37937549a5f918134972a6ebf0f59ce090a7779507ae303924f88f127c27212901b8583c23e081fed0b60a87705e11ea48fe49f689f
SSDEEP: 196608:V8E3v3ebPr3Iw6ocsaqYgRPOAeS+hs0P2SrtnMfI1V0XJaog:yE3vubbQnglO7S6/rVH2Xoog
Static task: static1
Behavioral task: behavioral1
Sample: 0xcheat.zip
Resource: win7-20230712-en
Malware Config
Targets
Target: 0xcheat.zip
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Stops running service(s)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger