Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
etabs_v21_kg.exe
-
Size
2.6MB
-
Sample
240219-1xy52aeh22
-
MD5
6cf5ac6015952655a02c5ed140e8000d
-
SHA1
ed410bf9c04b337d1e326a0bdb6631790ab6429c
-
SHA256
5c56c83e12a350356d2604c2f41b0a0f6ae36d7f5c118e0cd65258604a6dc922
-
SHA512
fc10b16717e4240420f070e26732f829bc0b95a69be5838aeaeae6be38742b4b2d361271e631fb5c9d978a7d2f2e98668ef1cffe37a647d9e300264175f6af70
-
SSDEEP
49152:85OiwBSGFvc0kjG9QkvUHv6Raut/Ye1x57Xe2SQwL:/iwBO0spz6RBVY+x5LeRQ
Static task
static1
Behavioral task
behavioral1
Sample
etabs_v21_kg.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
etabs_v21_kg.exe
-
Size
2.6MB
-
MD5
6cf5ac6015952655a02c5ed140e8000d
-
SHA1
ed410bf9c04b337d1e326a0bdb6631790ab6429c
-
SHA256
5c56c83e12a350356d2604c2f41b0a0f6ae36d7f5c118e0cd65258604a6dc922
-
SHA512
fc10b16717e4240420f070e26732f829bc0b95a69be5838aeaeae6be38742b4b2d361271e631fb5c9d978a7d2f2e98668ef1cffe37a647d9e300264175f6af70
-
SSDEEP
49152:85OiwBSGFvc0kjG9QkvUHv6Raut/Ye1x57Xe2SQwL:/iwBO0spz6RBVY+x5LeRQ
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-