General

  • Target: 5h8mj5hdmk.exe
  • Size: 4.0MB
  • Sample: 230920-rrlhbagg6z
  • MD5: ea4fd817859f3a86dff0d31db268fb4c
  • SHA1: 55b83c3f796c8819c169ffc9a5a97341523f1a5b
  • SHA256: b13ac74ea97a14c678375ef454399ca831a205f5c5dd2b29262336e983df6987
  • SHA512: 00774e9c110f28cfff842b9aeb05a1f69dbf70d67c0e1a8adc47c6446f1165ca965021659d6a2e04068218b46ac56b91b8e8d95471fd2936e2f9ed0fc3c8264b
  • SSDEEP: 98304:DHc0t5nANeQccqG/tkjrNeqngmUYF0/9z+H2n6Y6lQYBdFhs:Q86eQc7OWey1F0wWTOs

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks