General
Target: ac5165befeaa1287f894fd81169cfcbddb5c9621eb81944c1dea806a1001f6ce
Size: 2.2MB
Sample: 240307-fmyfjaee66
MD5: 28b9c05785324654d47f1cabaf519a70
SHA1: b4e77d769fc31d0248f9fc1c7a7dce557a037425
SHA256: ac5165befeaa1287f894fd81169cfcbddb5c9621eb81944c1dea806a1001f6ce
SHA512: e30ab53cd744389f403fbc8eacab942ce3dbfae450258ddd1bfaea779c214d53099c08dd5fbca9051b6aea83e7c22092740ef07404039bb2e91f631911eacdf8
SSDEEP: 49152:NNlds0pfSI9nGPbFZs2hsHs5DozeMqiz7:3s0pqI9nMFy2hsEozIiz7
Static task: static1
Behavioral task: behavioral1
Sample: ac5165befeaa1287f894fd81169cfcbddb5c9621eb81944c1dea806a1001f6ce.exe
Resource: win7-20240221-en
Malware Config
Extracted
risepro
193.233.132.62
Targets
Target: ac5165befeaa1287f894fd81169cfcbddb5c9621eb81944c1dea806a1001f6ce
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger