General

  • Target

    8ac3589984b82dad5e1eea3d4d8c53bf9e28967e3cfece5683d3ec558ae00ff6

  • Size

    3.0MB

  • Sample

    231012-f23nssbf73

  • MD5

    a1907e94127ca408fb506656526ce745

  • SHA1

    6e8374fdaac04597da765cfcecee1f9fbc100cfd

  • SHA256

    8ac3589984b82dad5e1eea3d4d8c53bf9e28967e3cfece5683d3ec558ae00ff6

  • SHA512

    09783c2e1352e8b5a17cf2e04c4f0275790b9a7c7d3d578a8c189a943784b9309a309b262e6a20d1dc15af2a7a70055885e1f8c64c9fed6ac8904dd272a27fa2

  • SSDEEP

    49152:U5ceehonLGxSSAcInaX94Y4+GLEZ4Q75ZbMcferuAcdj+8GXg87zRNRlQZ2cPeA:UXZOSDcIneMbLEJ75ZbMcG8dj+8G9JiH

Score
9/10

Targets

    • Target

      8ac3589984b82dad5e1eea3d4d8c53bf9e28967e3cfece5683d3ec558ae00ff6

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
