General

  • Target

    1d22d95295471825008ad9a43b185144

  • Size

    1.7MB

  • Sample

    231230-1empaafbd4

  • MD5

    1d22d95295471825008ad9a43b185144

  • SHA1

    39b839c5d92439d3a985ea6820fa7c88a33d4f66

  • SHA256

    e6dbd39e3703259f34f622bc637b1874aa15384efad928a8b2c8f9394373f11a

  • SHA512

    788b6c838f4b778ffb2d3a0c868320ea4ba74c420bc456ef9ed6748e5203f974a2b12823b67137d7005fdc50b12b03df1d87b9985f272ac4ea0cfbac056fb8f7

  • SSDEEP

    49152:WyhjgLqUzBWnc9bf1NqV1c19zD38YXEmQTDr:JJizBWnAbf146D38YUPr

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Drops startup file

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
