General

  • Target

    525a73164007d85595f1cb6064d894d3

  • Size

    788KB

  • Sample

    240111-dgslzsebh2

  • MD5

    525a73164007d85595f1cb6064d894d3

  • SHA1

    f7b1e2266a416772b0b0ace1cbe681e9c5c58d98

  • SHA256

    3996be1fdb091b3ed2e4e3c6ec41a60ec87400a19295c03b68dfc16f129aa3c0

  • SHA512

    6e57650c77e6b0b7405189ed788cd83d53065a504ba22c044e72ecaaccd1d6e37d987038c9869c5a2de3d6638583c785c9f9f90e9ab9b6b0f03634881580d1b8

  • SSDEEP

    12288:O0Sw7D3T39xUG11utAiHJ85Vu7LPb+sDg/b8H3KnJj9iFVAJM1YNU1:O0R7n971wKi7LPb3DF3KJj2KM1b

Score
9/10

Targets

    • Target

      525a73164007d85595f1cb6064d894d3

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
