Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
525a73164007d85595f1cb6064d894d3
-
Size
788KB
-
Sample
240111-dgslzsebh2
-
MD5
525a73164007d85595f1cb6064d894d3
-
SHA1
f7b1e2266a416772b0b0ace1cbe681e9c5c58d98
-
SHA256
3996be1fdb091b3ed2e4e3c6ec41a60ec87400a19295c03b68dfc16f129aa3c0
-
SHA512
6e57650c77e6b0b7405189ed788cd83d53065a504ba22c044e72ecaaccd1d6e37d987038c9869c5a2de3d6638583c785c9f9f90e9ab9b6b0f03634881580d1b8
-
SSDEEP
12288:O0Sw7D3T39xUG11utAiHJ85Vu7LPb+sDg/b8H3KnJj9iFVAJM1YNU1:O0R7n971wKi7LPb3DF3KJj2KM1b
Static task
static1
Behavioral task
behavioral1
Sample
525a73164007d85595f1cb6064d894d3.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
525a73164007d85595f1cb6064d894d3.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
525a73164007d85595f1cb6064d894d3
-
Size
788KB
-
MD5
525a73164007d85595f1cb6064d894d3
-
SHA1
f7b1e2266a416772b0b0ace1cbe681e9c5c58d98
-
SHA256
3996be1fdb091b3ed2e4e3c6ec41a60ec87400a19295c03b68dfc16f129aa3c0
-
SHA512
6e57650c77e6b0b7405189ed788cd83d53065a504ba22c044e72ecaaccd1d6e37d987038c9869c5a2de3d6638583c785c9f9f90e9ab9b6b0f03634881580d1b8
-
SSDEEP
12288:O0Sw7D3T39xUG11utAiHJ85Vu7LPb+sDg/b8H3KnJj9iFVAJM1YNU1:O0R7n971wKi7LPb3DF3KJj2KM1b
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-