General

  • Target

    NEAS.098aeeead8bcc2fc053a4a7af5db4190.exe

  • Size

    2.5MB

  • Sample

    231117-c2964aeg7x

  • MD5

    098aeeead8bcc2fc053a4a7af5db4190

  • SHA1

    717d879bd4178c857c94c34f2f517193ca8460f6

  • SHA256

    2e24bbb3773c2d0fab2156685298b7c4adf96c22790beab3be80226995954b51

  • SHA512

    c2301e55402b6107a70018b07d398c599b86279faec0a8f484efc76162317b935e653ae3d8173e050e321ea9226e06cf426d58cfe3e124719c1e61677599d0d1

  • SSDEEP

    49152:y4daOqAehx7x20RKuniOJqfU7F1tLYoNovTE3pzNx0FOnpe4v/681:cP7tRtrJq88SqgnpXiu

Targets

    • Target

      NEAS.098aeeead8bcc2fc053a4a7af5db4190.exe

    • Size

      2.5MB

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Modifies AppInit DLL entries

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
