General

  • Target

    Setup.exe

  • Size

    4.6MB

  • Sample

    231229-3at9nsdfcn

  • MD5

    862c7e9cf539af2260d1104a9873d228

  • SHA1

    851ec5e5bce6458f36756b2250c5573bd97927fc

  • SHA256

    a631ccfd88b9daa48e6d1a70fc6bed57caed44e415caa52f8d329d61221a4b9d

  • SHA512

    735d9f7890fbc30e08ddf1b9d2c883eefe0931fdcc8b54c3f6e9b717fd07557fc3bb4499a3fae97aa63464e8d6e16f8d4c374c29e05006d58e9e8b85307f27c3

  • SSDEEP

    98304:tCbg3U71Ca89eJn3Ka8fVRT4i0CAv7KYAAxst1c9l5PuF4qNe:gbKU7S03gLul7K6xsvcHgqV

Targets

    • Target

      Setup.exe

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
