General

  • Target

    6a70a15d8403a6d75b291ef72e9098e8b74b3bc825ba0101465e5c8d08c57997

  • Size

    14.7MB

  • Sample

    240304-rxnvmadf55

  • MD5

    cb7b75df1206966fdcb1791120b0c256

  • SHA1

    e750c364c366a04683901047e86c7c434c7ff868

  • SHA256

    6a70a15d8403a6d75b291ef72e9098e8b74b3bc825ba0101465e5c8d08c57997

  • SHA512

    6ba50b549a26b17b84235b327c8289e9a50cb3b26439b43e9fdf8328babb21b54e559dc7807fbded668bf761b970e62e6a93e0eae7660707bd295d9191b09f5a

  • SSDEEP

    196608:CT64qHZgbG6wm5TmWFwqjd0kvNA2bz1CAxhpsI/WHpTQL49wPh9jNe9:w64q5MwmdugdBzPLFLUIjNe9

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
