Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
51f54d87b6c9908b5ed532af24531dd049f2148ce7436904136ca1bd74cbc597
-
Size
7.0MB
-
Sample
231106-az7l3sgf35
-
MD5
4dcc665d1ca0449ca8f3848c6dd4b0d6
-
SHA1
97c601f5d8ce771dcd7c16fae565b24b51bff92f
-
SHA256
51f54d87b6c9908b5ed532af24531dd049f2148ce7436904136ca1bd74cbc597
-
SHA512
1e37df75348e3af9730c9d48ed0974e4207a5dd46e8c58ccfde126fef8bb7e4bc83ff7b09dd25b93009d60a091bb18023835b730c973e8252f77373da016cce4
-
SSDEEP
196608:dHVvwWB528rX22T3IjJx+2UTiADupsf+287nQR7L:/BB72sOADuB7nC
Static task
static1
Behavioral task
behavioral1
Sample
51f54d87b6c9908b5ed532af24531dd049f2148ce7436904136ca1bd74cbc597.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
51f54d87b6c9908b5ed532af24531dd049f2148ce7436904136ca1bd74cbc597.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
51f54d87b6c9908b5ed532af24531dd049f2148ce7436904136ca1bd74cbc597
-
Size
7.0MB
-
MD5
4dcc665d1ca0449ca8f3848c6dd4b0d6
-
SHA1
97c601f5d8ce771dcd7c16fae565b24b51bff92f
-
SHA256
51f54d87b6c9908b5ed532af24531dd049f2148ce7436904136ca1bd74cbc597
-
SHA512
1e37df75348e3af9730c9d48ed0974e4207a5dd46e8c58ccfde126fef8bb7e4bc83ff7b09dd25b93009d60a091bb18023835b730c973e8252f77373da016cce4
-
SSDEEP
196608:dHVvwWB528rX22T3IjJx+2UTiADupsf+287nQR7L:/BB72sOADuB7nC
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-