General
Target: Setup.exe
Size: 783.5MB
Sample: 231014-a1b7kaga5y
MD5: 817253cf5dc8a905570628262ce8dc8d
SHA1: 6e9a97e7a8da171d008551689d62cff883b54497
SHA256: c0c25d7587b5ebb4677121d96378bd88e6da0919bf4f243a4e239ef52b4edd80
SHA512: c4d9411432b390182509b912cf99640d4a0470d0119798b93bb28e513eec678234881b8f2eeb87a8d153bcc7733ee35bd52a730283514a69d3ad2f1b36c5290f
SSDEEP: 196608:JxmrO2BhTD1XyRrz4+SfCNKmuYpzbzzCoMs1zqAL178EaR:JeRBN9s1mCNjpXzzCvAZ73aR
Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20230831-en
Malware Config
Targets
Target: Setup.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger