Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

7dd570dc78...24.exe

windows7-x64

7

7dd570dc78...24.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7dd570dc785119b92871362d089f10ca781c027ad04433ae042c7a2622570924

  • Size

    5.7MB

  • Sample

    231007-dea9xsgh9s

  • MD5

    706704da7601ee1d23e0b4e1ddb7966f

  • SHA1

    1234d648ff9d7625aa9b8c43295df2cfbb15c967

  • SHA256

    7dd570dc785119b92871362d089f10ca781c027ad04433ae042c7a2622570924

  • SHA512

    a8c1ac73787a7638d064a93a0f8b7db0e10eef685c54397932e5faafac52558e0e762ef418640dda0dcd54bb542256db71acc17c2c03f1f20e1e43301308964c

  • SSDEEP

    98304:1zw2cH457oTOfe6WEEH8gSLO6ZWBGhusJVjnnCZWq82zPJJlKpSGchcBrahwNO+t:xcH45kGe6WEnXZW14VjnC8u5KpSGcaBD

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      7dd570dc785119b92871362d089f10ca781c027ad04433ae042c7a2622570924

    • Size

      5.7MB

    • MD5

      706704da7601ee1d23e0b4e1ddb7966f

    • SHA1

      1234d648ff9d7625aa9b8c43295df2cfbb15c967

    • SHA256

      7dd570dc785119b92871362d089f10ca781c027ad04433ae042c7a2622570924

    • SHA512

      a8c1ac73787a7638d064a93a0f8b7db0e10eef685c54397932e5faafac52558e0e762ef418640dda0dcd54bb542256db71acc17c2c03f1f20e1e43301308964c

    • SSDEEP

      98304:1zw2cH457oTOfe6WEEH8gSLO6ZWBGhusJVjnnCZWq82zPJJlKpSGchcBrahwNO+t:xcH45kGe6WEnXZW14VjnC8u5KpSGcaBD

    Score
    7/10
    vmprotect

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks