General
Target: horizon.exe
Size: 3.9MB
Sample: 240312-mb1j3sgd97
MD5: c508af023f6840ba0132e9f19e2b69ce
SHA1: 21bad2f355a0f8f0364343f6bc201103205626ad
SHA256: 29fc2b99b81c16d8f3d150a78787d2e6c7702db5eb2e8e640f14daff54ee68aa
SHA512: 89bb44d2c98ad11457b471681ead1b4755553bc35250878b1965337951962d5d366ddc7fe0825b1814607f65112332f98dcd9d02b096e21b8b4b5a7b19c22a32
SSDEEP: 98304:bISoiJw2+vkeJWCs8vEABxN4Xi8lKRZbFDme3G/Q:bKiJw2I0CzNe9lKZR34Q
Behavioral task: behavioral1
Sample: horizon.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: horizon.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: horizon.exe
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Sets service image path in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger