Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
msi_protected.exe
-
Size
3.5MB
-
Sample
231103-decsraba4s
-
MD5
4222676b7217f462942c70555495e07d
-
SHA1
51f10885196d274d47261f37e42490ede35d0489
-
SHA256
8317fc0d549e4780499cb906ce067667ff8ffe0e384eba51dcbb6154d24956ca
-
SHA512
bcd0ec4ad70be30a682192b34aa164340dc8f8ead2930cbae0a01658e1f5e42893cbad67164b68e3329a5e4cce1c9a7b9c99e03a67c08d41b16e8b3608820b24
-
SSDEEP
98304:pB1fLV94nPe+4ey7LWqzTKJpFw2HmtL3Z+CF/:tTV94nPe+4B7LXzTKJLq/
Malware Config
Targets
-
-
Target
msi_protected.exe
-
Size
3.5MB
-
MD5
4222676b7217f462942c70555495e07d
-
SHA1
51f10885196d274d47261f37e42490ede35d0489
-
SHA256
8317fc0d549e4780499cb906ce067667ff8ffe0e384eba51dcbb6154d24956ca
-
SHA512
bcd0ec4ad70be30a682192b34aa164340dc8f8ead2930cbae0a01658e1f5e42893cbad67164b68e3329a5e4cce1c9a7b9c99e03a67c08d41b16e8b3608820b24
-
SSDEEP
98304:pB1fLV94nPe+4ey7LWqzTKJpFw2HmtL3Z+CF/:tTV94nPe+4B7LXzTKJLq/
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-