Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3e60494e91b81722bf9a677e752a047f
-
Size
896KB
-
Sample
240102-s8y1eabga2
-
MD5
3e60494e91b81722bf9a677e752a047f
-
SHA1
5affb25c8e9502bc24c0d8191b74c218d088de43
-
SHA256
9f05914ea6cced1deeb296846bfdd0319da103339813951609dab21e7ced4904
-
SHA512
ea717177a0bd207a7fd41b7562c195d57c2468116a261b064aa231971923fd52764f9908179a56a51cf9e9c3295a63bb8621613df46697cc51d08fd0449e5135
-
SSDEEP
24576:n8PBtpz7Vu9hl8mLc6QDVIfMa2xHha4vQy0xmPz/:n8PBTzmDLc/DSGa430xmPz/
Static task
static1
Behavioral task
behavioral1
Sample
KBE2SLK.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
KBE2SLK.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
KBE2SLK.exe
-
Size
925KB
-
MD5
b8df5209815c9c44f9dd31838935c286
-
SHA1
934328477b27fccb5b86be678d7ae1688c61c835
-
SHA256
1cfef8d20f582d5eb10b652036293eed24d7672ec4ec89263bab65bd91a4f382
-
SHA512
9239369837e275923af59e683d07efadb821119aa3038d1d0d263ef6413d2a1ac290d012e679b13cc2484a3a07efcf04f6a4fc497c12e3d756bfeb5b25e51bd1
-
SSDEEP
12288:kelOqMds1R6CNROVZC7/U0PLyL2wJ/jtKUVnK8dB3KfncHsQjeZpYXkj3FGNij85:kelVT5NArC7/pzyLThfoaoZXF8COViW
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-