General

  • Target

    5106446079b3699426cd78fffb7acf20

  • Size

    6.5MB

  • Sample

    231219-s2dqwsfaej

  • MD5

    5106446079b3699426cd78fffb7acf20

  • SHA1

    8300e326872aed95458581b1fd66c0a9b189a977

  • SHA256

    351172bef676191b7febcd873138ee87538c4cbf00cb44b7bbdb131c2b7df865

  • SHA512

    0da7a207f53171ac106a2546dcb2bf8d67d7811eceea713bb45dafe88c941766487ca671512db8fcdead72b586d7591b2f160573165c6db5b6d251e6c5c3bde3

  • SSDEEP

    98304:/rWjqm3ir9hzNBP0+AYB14JJPuVbxUoYXaAu9cFVA93mnuZ4NoU2DMDtM6:/rW+B5F0+H4JJP3omPu972uZsrQMS

Targets

    • Target

      5106446079b3699426cd78fffb7acf20

    • Size

      6.5MB

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
