Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
01a374fe3ad1deed124f4f97310c769c
-
Size
5.9MB
-
Sample
231229-x412esaefj
-
MD5
01a374fe3ad1deed124f4f97310c769c
-
SHA1
3263e4baf4f3f40f3a7e3a6804fe6576837ed046
-
SHA256
43e03a6b8656d773bc57f8fa1028ff2049269718e52a11d8de1dc1e44c4ed4c2
-
SHA512
bb48ea2182b6536c1f84c42491ce2dd3d682e4fbc0c5426577e855f50c7d9a9760130d49b612f92ef38bcc927ac2aa5fd8ee42afcdb8c317876ec0878244d0c3
-
SSDEEP
98304:8+FghWCae/0NRXygKa6I7wHl3dw+uFmMIZVB8aZIei9kGNQ4Dc9JSXxxPBHKtiOV:8+FXCXhg17wFicvBvZKr3D2yzPEtiOV
Behavioral task
behavioral1
Sample
01a374fe3ad1deed124f4f97310c769c.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
01a374fe3ad1deed124f4f97310c769c
-
Size
5.9MB
-
MD5
01a374fe3ad1deed124f4f97310c769c
-
SHA1
3263e4baf4f3f40f3a7e3a6804fe6576837ed046
-
SHA256
43e03a6b8656d773bc57f8fa1028ff2049269718e52a11d8de1dc1e44c4ed4c2
-
SHA512
bb48ea2182b6536c1f84c42491ce2dd3d682e4fbc0c5426577e855f50c7d9a9760130d49b612f92ef38bcc927ac2aa5fd8ee42afcdb8c317876ec0878244d0c3
-
SSDEEP
98304:8+FghWCae/0NRXygKa6I7wHl3dw+uFmMIZVB8aZIei9kGNQ4Dc9JSXxxPBHKtiOV:8+FXCXhg17wFicvBvZKr3D2yzPEtiOV
-
SectopRAT payload
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-