Analysis
- max time kernel: 5s
- max time network: 126s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 25/12/2023, 16:21 UTC
Static task: static1
Behavioral task: behavioral1
- Sample: 2caf18c5e952b4770992137c65b3c7eb.exe
- Resource: win7-20231215-en
Behavioral task: behavioral2
- Sample: 2caf18c5e952b4770992137c65b3c7eb.exe
- Resource: win10v2004-20231222-en
General
- Target: 2caf18c5e952b4770992137c65b3c7eb.exe
- Size: 2.2MB
- MD5: 2caf18c5e952b4770992137c65b3c7eb
- SHA1: 623d211f113d1c556006f6a6000474cdd034467a
- SHA256: e910213e91de17837384e5d5aa33c4b5f9eb2eede152ffedfc86d40b231f71e9
- SHA512: e6bb10e9aed8b358ac51061a9995dc695d66318902ef25fcdfe317a6d15f24dded47d1df7177df1e33bdadfd3f6c179acdfb0a2706774aac66d41e60b02199ca
- SSDEEP: 49152:OCyNN+VYY6DL9GZjY2yVSgPIf+kDYdVQxot+j1AdPn6fZ80Es:OCyNN+Ps9YSVPs+6VxYA46Rn
Malware Config
Signatures
- Checks BIOS information in registry (2 TTPs, 1 IoCs)
  BIOS information is often read in order to detect sandboxing environments.
  description: Key value queried
  ioc: \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
  Process: 2caf18c5e952b4770992137c65b3c7eb.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  pid   Process
  2212  2caf18c5e952b4770992137c65b3c7eb.exe
  2212  2caf18c5e952b4770992137c65b3c7eb.exe
  2212  2caf18c5e952b4770992137c65b3c7eb.exe
  2212  2caf18c5e952b4770992137c65b3c7eb.exe