Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
574a503e6812239b9c1b752744b8a4e5
-
Size
2.4MB
-
Sample
240112-xz4xhsefc5
-
MD5
574a503e6812239b9c1b752744b8a4e5
-
SHA1
bd7d34fe25fd892c4393204baa8f17c594728748
-
SHA256
49b91b7a178547a3551db21ebd4e43f8e784f4624ffe731a01c56dc4c54f60ef
-
SHA512
046670cd38f00ec58cac0044564fb4db48deb9572a643bdd0d458eeddaa13110761cbc7b9e8c8199bb42c5225a0bdddf2e4effdbda8fc00d590d9e3c13b7e3fc
-
SSDEEP
49152:0tbCnHATQr2HxM+9TwOQmynnpTJ+x5ogBHgoKGXvB1qXG2Xpla0H1DT:tHgQaxddHQmynAtBHgkvTqhXplaOT
Static task
static1
Behavioral task
behavioral1
Sample
574a503e6812239b9c1b752744b8a4e5.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
574a503e6812239b9c1b752744b8a4e5.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
574a503e6812239b9c1b752744b8a4e5
-
Size
2.4MB
-
MD5
574a503e6812239b9c1b752744b8a4e5
-
SHA1
bd7d34fe25fd892c4393204baa8f17c594728748
-
SHA256
49b91b7a178547a3551db21ebd4e43f8e784f4624ffe731a01c56dc4c54f60ef
-
SHA512
046670cd38f00ec58cac0044564fb4db48deb9572a643bdd0d458eeddaa13110761cbc7b9e8c8199bb42c5225a0bdddf2e4effdbda8fc00d590d9e3c13b7e3fc
-
SSDEEP
49152:0tbCnHATQr2HxM+9TwOQmynnpTJ+x5ogBHgoKGXvB1qXG2Xpla0H1DT:tHgQaxddHQmynAtBHgkvTqhXplaOT
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-