General
Target: 6a70a15d8403a6d75b291ef72e9098e8b74b3bc825ba0101465e5c8d08c57997
Size: 14.7MB
Sample: 240304-rxnvmadf55
MD5: cb7b75df1206966fdcb1791120b0c256
SHA1: e750c364c366a04683901047e86c7c434c7ff868
SHA256: 6a70a15d8403a6d75b291ef72e9098e8b74b3bc825ba0101465e5c8d08c57997
SHA512: 6ba50b549a26b17b84235b327c8289e9a50cb3b26439b43e9fdf8328babb21b54e559dc7807fbded668bf761b970e62e6a93e0eae7660707bd295d9191b09f5a
SSDEEP: 196608:CT64qHZgbG6wm5TmWFwqjd0kvNA2bz1CAxhpsI/WHpTQL49wPh9jNe9:w64q5MwmdugdBzPLFLUIjNe9
Static task: static1

Behavioral task: behavioral1
Sample: 6a70a15d8403a6d75b291ef72e9098e8b74b3bc825ba0101465e5c8d08c57997.dll
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 6a70a15d8403a6d75b291ef72e9098e8b74b3bc825ba0101465e5c8d08c57997.dll
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 6a70a15d8403a6d75b291ef72e9098e8b74b3bc825ba0101465e5c8d08c57997
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Suspicious use of NtSetInformationThreadHideFromDebugger