Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
19fa48bc7ff8440268f8899534d6dc61
-
Size
740KB
-
Sample
231225-nbywxsbeer
-
MD5
19fa48bc7ff8440268f8899534d6dc61
-
SHA1
b0b673c4028979896ba8cd6454a14bb665199fb3
-
SHA256
aeea81ffcf20e782e8dffcbedacef2e098cc8be09671825fea533a8e28a13f42
-
SHA512
9df6bb95170f9a0d9bb8331098afc565eebf6785cbc777a901926216779eb0b21c9d5541658ab46de012e872b8a7fc3eeb772eb80f4405a4ce90696280d8152d
-
SSDEEP
12288:MGEueETm04Dider2XNGQx0JFoITTKDKMXsGKEFU+abeycvyPVk2A8juwjY4Jt90:MybmH+BHx0oGm+AFUlQvyPdbb9
Static task
static1
Behavioral task
behavioral1
Sample
19fa48bc7ff8440268f8899534d6dc61.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
19fa48bc7ff8440268f8899534d6dc61.dll
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
19fa48bc7ff8440268f8899534d6dc61
-
Size
740KB
-
MD5
19fa48bc7ff8440268f8899534d6dc61
-
SHA1
b0b673c4028979896ba8cd6454a14bb665199fb3
-
SHA256
aeea81ffcf20e782e8dffcbedacef2e098cc8be09671825fea533a8e28a13f42
-
SHA512
9df6bb95170f9a0d9bb8331098afc565eebf6785cbc777a901926216779eb0b21c9d5541658ab46de012e872b8a7fc3eeb772eb80f4405a4ce90696280d8152d
-
SSDEEP
12288:MGEueETm04Dider2XNGQx0JFoITTKDKMXsGKEFU+abeycvyPVk2A8juwjY4Jt90:MybmH+BHx0oGm+AFUlQvyPdbb9
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-