General

  • Target

    19fa48bc7ff8440268f8899534d6dc61

  • Size

    740KB

  • Sample

    231225-nbywxsbeer

  • MD5

    19fa48bc7ff8440268f8899534d6dc61

  • SHA1

    b0b673c4028979896ba8cd6454a14bb665199fb3

  • SHA256

    aeea81ffcf20e782e8dffcbedacef2e098cc8be09671825fea533a8e28a13f42

  • SHA512

    9df6bb95170f9a0d9bb8331098afc565eebf6785cbc777a901926216779eb0b21c9d5541658ab46de012e872b8a7fc3eeb772eb80f4405a4ce90696280d8152d

  • SSDEEP

    12288:MGEueETm04Dider2XNGQx0JFoITTKDKMXsGKEFU+abeycvyPVk2A8juwjY4Jt90:MybmH+BHx0oGm+AFUlQvyPdbb9

Score
9/10

Malware Config

Targets

    • Target

      19fa48bc7ff8440268f8899534d6dc61

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      VirtualBox guests expose VBOX__ entries under HKLM\HARDWARE\ACPI (DSDT, FADT, RSDT); querying them is a common way for a sample to decide it is running in a virtual machine.

    • Identifies Wine through registry keys

      Wine is a compatibility layer that runs Windows applications on other operating systems. Some sandboxes run samples under it, so checking for its registry keys is an analysis-environment check.

    • Adds Run key to start application

      Writing a value under ...\Software\Microsoft\Windows\CurrentVersion\Run makes the application start at logon (persistence).

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calling NtSetInformationThread with ThreadInformationClass ThreadHideFromDebugger (0x11) stops the thread from delivering debug events to an attached debugger, a well-known anti-debugging trick.
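The four signatures above are all derived from observable behaviour (registry reads, registry writes, native API arguments). As an added illustration, not tria.ge's own signature engine or the real trace of this sample, the following script shows how such behavioural signatures can be matched against an event trace. The trace format, the event lines and the rule definitions are constructed here and are assumptions; the registry paths and the ThreadHideFromDebugger information class (0x11) are the well-known artifacts the signature names refer to.

```python
import re
from dataclasses import dataclass
from typing import Callable, Dict, List

# THREADINFOCLASS value passed to NtSetInformationThread to hide the calling
# thread from an attached debugger (ThreadHideFromDebugger).
THREAD_HIDE_FROM_DEBUGGER = 0x11


@dataclass(frozen=True)
class Event:
    kind: str    # "regquery", "regset" or "ntapi"
    target: str  # registry key path, or native API name
    name: str    # registry value name, or API parameter name
    data: str    # registry value data, or API parameter value (as text)


def parse_trace(text: str) -> List[Event]:
    """Parse the constructed 'kind|target|name=data' trace format used here."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        kind, target, extra = line.split("|", 2)
        name, _, data = extra.partition("=")
        events.append(Event(kind, target, name, data))
    return events


def _regquery_matches(pattern: str) -> Callable[[Event], bool]:
    """Rule factory: registry read whose key path matches the pattern."""
    rx = re.compile(pattern, re.IGNORECASE)
    return lambda e: e.kind == "regquery" and rx.search(e.target) is not None


def _is_run_key_write(e: Event) -> bool:
    """Registry write directly under a ...\\CurrentVersion\\Run key."""
    return e.kind == "regset" and re.search(
        r"\\Microsoft\\Windows\\CurrentVersion\\Run$", e.target, re.IGNORECASE
    ) is not None


def _is_hide_from_debugger(e: Event) -> bool:
    """NtSetInformationThread called with ThreadInformationClass == 0x11."""
    if e.kind != "ntapi" or e.target != "NtSetInformationThread":
        return False
    if e.name != "ThreadInformationClass":
        return False
    try:
        return int(e.data, 0) == THREAD_HIDE_FROM_DEBUGGER
    except ValueError:
        return False


# Rule set (assumed definitions, named after the report's signatures).
SIGNATURES: Dict[str, Callable[[Event], bool]] = {
    "Identifies VirtualBox via ACPI registry values":
        _regquery_matches(r"\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__"),
    "Identifies Wine through registry keys":
        _regquery_matches(r"^HK(LM|CU)\\Software\\Wine(\\|$)"),
    "Adds Run key to start application": _is_run_key_write,
    "Suspicious use of NtSetInformationThreadHideFromDebugger": _is_hide_from_debugger,
}


def match_signatures(events: List[Event]) -> Dict[str, List[Event]]:
    """Return every signature that fired, with the events that triggered it."""
    hits: Dict[str, List[Event]] = {}
    for sig_name, rule in SIGNATURES.items():
        matched = [e for e in events if rule(e)]
        if matched:
            hits[sig_name] = matched
    return hits


# Constructed trace: one line per observed event, not the sample's real trace.
SAMPLE_TRACE = r"""
# kind|target|name=data
regquery|HKLM\HARDWARE\ACPI\DSDT\VBOX__|
regquery|HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion|ProductName=
regquery|HKCU\Software\Wine|
regset|HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater=C:\Users\Public\upd.exe
ntapi|NtSetInformationThread|ThreadInformationClass=0x11
ntapi|NtSetInformationThread|ThreadInformationClass=0x2
"""

if __name__ == "__main__":
    for sig_name, evs in match_signatures(parse_trace(SAMPLE_TRACE)).items():
        print(f"[+] {sig_name}")
        for ev in evs:
            print(f"      {ev.kind} {ev.target} {ev.name}={ev.data}")
```

The benign ProductName read and the NtSetInformationThread call with class 0x2 are included to show that the rules key on the specific artifact (the VBOX__ ACPI tables, the Wine key, the Run key, class 0x11) rather than on the API or registry access in general.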

MITRE ATT&CK Enterprise v15

Tasks