Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

574a503e68...e5.exe

windows7-x64

9

574a503e68...e5.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    574a503e6812239b9c1b752744b8a4e5

  • Size

    2.4MB

  • Sample

    240112-xz4xhsefc5

  • MD5

    574a503e6812239b9c1b752744b8a4e5

  • SHA1

    bd7d34fe25fd892c4393204baa8f17c594728748

  • SHA256

    49b91b7a178547a3551db21ebd4e43f8e784f4624ffe731a01c56dc4c54f60ef

  • SHA512

    046670cd38f00ec58cac0044564fb4db48deb9572a643bdd0d458eeddaa13110761cbc7b9e8c8199bb42c5225a0bdddf2e4effdbda8fc00d590d9e3c13b7e3fc

  • SSDEEP

    49152:0tbCnHATQr2HxM+9TwOQmynnpTJ+x5ogBHgoKGXvB1qXG2Xpla0H1DT:tHgQaxddHQmynAtBHgkvTqhXplaOT

Score
9/10
evasion

Malware Config

Targets

    • Target

      574a503e6812239b9c1b752744b8a4e5

    • Size

      2.4MB

    • MD5

      574a503e6812239b9c1b752744b8a4e5

    • SHA1

      bd7d34fe25fd892c4393204baa8f17c594728748

    • SHA256

      49b91b7a178547a3551db21ebd4e43f8e784f4624ffe731a01c56dc4c54f60ef

    • SHA512

      046670cd38f00ec58cac0044564fb4db48deb9572a643bdd0d458eeddaa13110761cbc7b9e8c8199bb42c5225a0bdddf2e4effdbda8fc00d590d9e3c13b7e3fc

    • SSDEEP

      49152:0tbCnHATQr2HxM+9TwOQmynnpTJ+x5ogBHgoKGXvB1qXG2Xpla0H1DT:tHgQaxddHQmynAtBHgkvTqhXplaOT

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks