Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8614f85ba523358af7a5de81583c8dfffc9dcf609a06aab771831d55fe0df761.exe.zip
-
Size
11.8MB
-
Sample
231231-bessvsdee8
-
MD5
8b83e77e636f1fafc417efd3d373bde8
-
SHA1
2879b0f35a9083202b3f2d53fb4afc20894240f1
-
SHA256
4b5804ef2be63d74945f21056f5fa3f3437ca36c0d893fe6f5143ceb1854386f
-
SHA512
43c24b2b9cd7638d57add09bf3f312ce2671654696d711b81e84b3fbbf5a97de2c9f9e702179e585b093e68da6e2e1b8a7c98d15afa96efc1b1d9636e2808983
-
SSDEEP
196608:rZFX4Fr+yoc9SF1Wm317oFg10lwLYHct5gXuJMmki/qZ8GrKumT3CPiGuKCPy0Vj:rbY+yH9SWgoyilJE5FJcmGuJmNuLPkLa
Malware Config
Targets
-
-
Target
8614f85ba523358af7a5de81583c8dfffc9dcf609a06aab771831d55fe0df761.exe
-
Size
23.4MB
-
MD5
e70f2a5c0f1351b1a4462fa70356285a
-
SHA1
8d3bb6642e6c6f09c090ea8b303d881ae8510e57
-
SHA256
8614f85ba523358af7a5de81583c8dfffc9dcf609a06aab771831d55fe0df761
-
SHA512
9024d9dec3b508716bec0b3d50823b8eea89add119ef20fab1bc909387ce08cb374ee0fde5c09364b21482394194260ea5a378afb1f3376063f2866548ff0aea
-
SSDEEP
393216:tRlSXv/FtKUN3XoO1QCX8IKEzWQ+VAwj17viWmE12OnOxrmU32n/uSaQoy0urpRf:LlQ/FIW1QCPKKWTVH1jiWbYOnOxrmU3k
Score7/10-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-