General

  • Target: bb2dca9753b1d42e4711f67ab64e8ce4.exe
  • Size: 3.4MB
  • Sample: 240325-t9yxgadc36
  • MD5: bb2dca9753b1d42e4711f67ab64e8ce4
  • SHA1: 70cf25896537a950d7a6dda9f56040f4d372d303
  • SHA256: ec03a903cb74030622ac957e6aaefbb7437b032a4e6db82c33126016ac6c7d06
  • SHA512: 6658595c9ea9a62f377d8bbe71d0a25530badfefde9d569ce196b79be87685a41e319339b97f7a6f783844f606e87e22f6b478894889440625484ee8c4e63a90
  • SSDEEP: 49152:J1UHC6vWZtnxJB9qBBmAAcuXshmk2sP4gNi1KEj39tpz7vDZvtNUZRMYDiTYwEq+:J1+WZtzDqBScuXKmk2RXKi17NteXW6S0

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks