General
-
Target
NEAS.33ba0d2055011a1c5a902bff89f92105eac04f8d738fc93b5734868d2ed59c1d_JC.exe
-
Size
3.0MB
-
Sample
231008-vtpvasef71
-
MD5
4cc882a0fb656dee212fe4541bc22a81
-
SHA1
f7f0afc97130ddf8e3449ca1d429b529bcca6bc9
-
SHA256
33ba0d2055011a1c5a902bff89f92105eac04f8d738fc93b5734868d2ed59c1d
-
SHA512
daba5754b0ce6acd4b1462b5d0bb16c516809a28dbff94d4c63ae9cd0a747f16a2843b5e05235ebf85e0e6865917b76c6744d38bc166266be0a18121bfd4b837
-
SSDEEP
49152:h4cP3fa4Y2d+rnFlIPyHmoyiO334OhWV+4Rj4fXaN9+1PoEf3pH4MxfJ6Qrsx9:h4+3R+rFlIP9oyF3Jc+4Rjn9+1gEpHJq
Behavioral task
behavioral1
Sample
NEAS.33ba0d2055011a1c5a902bff89f92105eac04f8d738fc93b5734868d2ed59c1d_JC.exe
Resource
win7-20230831-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-