General

Target: file
Size: 2.7MB
Sample: 231115-l1f2asfg38
MD5: b761afb0c67b4f94f5d3e47f59040d4a
SHA1: cedddd5443bfae50cf38dbc119c7d034dfdedd1a
SHA256: 444ed0d8b62bdd8da294c6a49e47a7f8a15fcec43409780ea00997a0bf53ffe5
SHA512: 289b775261a8a5b8bb4baf8f0bd94f0f254f0bfc3047b8db83c58134d278b74451b477f42c8f3cc93c1a9128e7a02c79f16906ce9798e7a716be4db4c698c363
SSDEEP: 49152:p4RiswcUZcimQaB++5As+ryqWqoBll0jL7cgyTURSQzaNxLR:pxXqimQab5r+WUaT0jHVyARSQzaHR

Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20231020-en

Malware Config
Targets

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of NtSetInformationThreadHideFromDebugger