General
Target: celex.exe
Size: 4.0MB
Sample: 231224-3j4jpsdddk
MD5: 3d05f35dd57d171ef57a37fd9e8498fc
SHA1: c18418fe05ab38c0005ecbc0ed6ba10caca174c8
SHA256: 070a26b9b519330da249104467525be63b1b23015d23c86b306d31465e79a024
SHA512: 65dbc4c75dffcce863c351206cf43312c58cd1273f226c404df4da69cecabb407bfb277f4d1bbbab5952c730407a3d79f2d926b2aa77a6df7abc318c55868737
SSDEEP: 98304:eEdeDPCpwDjPCTp9/ekFJkybBBHzmbLcwo8XGz:roPCSfaDmkFJk6BBypo8XGz
Behavioral task: behavioral1
Sample: celex.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: celex.exe
Resource: win10-20231220-en
Behavioral task: behavioral3
Sample: celex.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger