Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
cb5881d774e317c33dc565c487a4c90c528e2bc0b44449e42cdb8698607a17e3.exe.zip
-
Size
5.1MB
-
Sample
231231-brpxqsfdg6
-
MD5
f5d74f518580a0eec057bf358cb87779
-
SHA1
8250082bf04a2b48a7bddedcd17cbc9c57a88130
-
SHA256
755eecb800160c386f4c2da5e0720795ae2c4c995cd06b861b833d8329f698e0
-
SHA512
2e2d8f15585e5aac065a31c88cd9322623ff4dda9db1d2539af42163dd5a5a3766eee239f691b3f098fe065a28d8a8e0d5332798d2b6ca6da8a00336eba58272
-
SSDEEP
98304:WqV5HgannYjJK3JpdL30lfJQj2gVD8cBro8tYk5GvHXRcY9uFFFmKJwVKI1QoLzJ:v/A4nYtETdL30lfJQS5Qt9G5H9YFmKm7
Behavioral task
behavioral1
Sample
cb5881d774e317c33dc565c487a4c90c528e2bc0b44449e42cdb8698607a17e3.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
cb5881d774e317c33dc565c487a4c90c528e2bc0b44449e42cdb8698607a17e3.exe
-
Size
5.1MB
-
MD5
5fff0709172509f29c34878d8fecd346
-
SHA1
68c70307ac1182d7c9711c35574a8330def881c0
-
SHA256
cb5881d774e317c33dc565c487a4c90c528e2bc0b44449e42cdb8698607a17e3
-
SHA512
3a3495769b9ad0f1d25f73d4317cd4e57b8ce8386f129015b495a1a918690e3aed6cfe5f5aa645b7216e5dcf2a733de8d09957532d1127da468bbd831819afeb
-
SSDEEP
98304:WsZhPs5DXd8UqpNl92eV3VGehLVH/coFZKAJay8sqFRz4j1Jqh9PJ8nrOW:WeqlSUqpNj2YL50wZKaaBz43Y9PuR
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtCreateThreadExHideFromDebugger
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-