General
-
Target
701f7a9693b604b7eef8e51ecbe35d5b1b30538e06cacaaac896094931cde977
-
Size
2.4MB
-
Sample
230920-a2hqqsch31
-
MD5
131f812ff93313b0ccafa01d389f544a
-
SHA1
aac1561b72e3d71a5eedd8caaf78095e0c70b24d
-
SHA256
701f7a9693b604b7eef8e51ecbe35d5b1b30538e06cacaaac896094931cde977
-
SHA512
f372843171bf68ebf0245300687ddde6a5658c8458ab800a97e8fa8e92d0eccc6855675ff537b85b6d12f1f2ea87f77e4f90301584faf6b38446bfc754ae5e33
-
SSDEEP
49152:pR+lohNPxhHAitoyJfgQMh6Me9jdPMvYq8rY+4Z59bZKmNJico:K+AihJoQMgjlMvYq8rQ5ZZTico
Static task
static1
Behavioral task
behavioral1
Sample
701f7a9693b604b7eef8e51ecbe35d5b1b30538e06cacaaac896094931cde977.exe
Resource
win7-20230831-en
Malware Config
Targets
-
-
Target
701f7a9693b604b7eef8e51ecbe35d5b1b30538e06cacaaac896094931cde977
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-