Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
50c2d68b67e63e9e58170740ba2380a3.bin
-
Size
14.3MB
-
Sample
231220-clrptabag3
-
MD5
50c2d68b67e63e9e58170740ba2380a3
-
SHA1
31ca0875a886a87e7f756816a5a3a8a9f0ef4805
-
SHA256
6f27472247fac75c31c76aedb7823da8429aef16f26d5ab27721686e924cde94
-
SHA512
6e3ce56f24eac510022716c69ccbd7a1332373b95568b5d985172a7197db8965dc8faccbe91a0be822e62c01adac49f6955c9e86128d8597536bd845a7770306
-
SSDEEP
196608:OvmwHVRzpgetATsTJbaAzgLPz+hgtrxro+QpqN/+BL5fNWJ+BSNLuk7GFViAk0He:OZ1lATstzYPttroBa+lq+4tUVxFE
Malware Config
Targets
-
-
Target
50c2d68b67e63e9e58170740ba2380a3.bin
-
Size
14.3MB
-
MD5
50c2d68b67e63e9e58170740ba2380a3
-
SHA1
31ca0875a886a87e7f756816a5a3a8a9f0ef4805
-
SHA256
6f27472247fac75c31c76aedb7823da8429aef16f26d5ab27721686e924cde94
-
SHA512
6e3ce56f24eac510022716c69ccbd7a1332373b95568b5d985172a7197db8965dc8faccbe91a0be822e62c01adac49f6955c9e86128d8597536bd845a7770306
-
SSDEEP
196608:OvmwHVRzpgetATsTJbaAzgLPz+hgtrxro+QpqN/+BL5fNWJ+BSNLuk7GFViAk0He:OZ1lATstzYPttroBa+lq+4tUVxFE
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Looks for VirtualBox Guest Additions in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-