General

  • Target: Gold_Loader_Fix_for_Failed_to_Manual_Map.exe
  • Size: 3.7MB
  • Sample: 240221-t3n4pabb2s
  • MD5: f7ad66c788ad7eb004ff3dfdcdf85117
  • SHA1: 4a5fdba606dab4cf8cb1cdfdf7626b1080216571
  • SHA256: 1a1261caef18506b52eda231a348e23ee09d15650d37224ce7f89925bdde30c5
  • SHA512: 0d3384fdef1caa6bd3c88f8b3de90ecc27218d3f7d9e46684642a08cf6f002bb39431d11472af981dd0b9012c8646948413c281c7c1b4a08aa6e9f2f68139a7b
  • SSDEEP: 98304:X/nDzvmtmetiTn+WM0JHGP1Ltj0mnE/p:X/DziiTnBG9xwyYp

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
      BIOS information is often read in order to detect sandboxing environments.
    • Themida packer
      Detects Themida, an advanced Windows software protection system.
    • Checks whether UAC is enabled
    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks