Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1d22d95295471825008ad9a43b185144
-
Size
1.7MB
-
Sample
231230-1empaafbd4
-
MD5
1d22d95295471825008ad9a43b185144
-
SHA1
39b839c5d92439d3a985ea6820fa7c88a33d4f66
-
SHA256
e6dbd39e3703259f34f622bc637b1874aa15384efad928a8b2c8f9394373f11a
-
SHA512
788b6c838f4b778ffb2d3a0c868320ea4ba74c420bc456ef9ed6748e5203f974a2b12823b67137d7005fdc50b12b03df1d87b9985f272ac4ea0cfbac056fb8f7
-
SSDEEP
49152:WyhjgLqUzBWnc9bf1NqV1c19zD38YXEmQTDr:JJizBWnAbf146D38YUPr
Static task
static1
Behavioral task
behavioral1
Sample
1d22d95295471825008ad9a43b185144.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1d22d95295471825008ad9a43b185144.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
1d22d95295471825008ad9a43b185144
-
Size
1.7MB
-
MD5
1d22d95295471825008ad9a43b185144
-
SHA1
39b839c5d92439d3a985ea6820fa7c88a33d4f66
-
SHA256
e6dbd39e3703259f34f622bc637b1874aa15384efad928a8b2c8f9394373f11a
-
SHA512
788b6c838f4b778ffb2d3a0c868320ea4ba74c420bc456ef9ed6748e5203f974a2b12823b67137d7005fdc50b12b03df1d87b9985f272ac4ea0cfbac056fb8f7
-
SSDEEP
49152:WyhjgLqUzBWnc9bf1NqV1c19zD38YXEmQTDr:JJizBWnAbf146D38YUPr
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Drops startup file
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-