Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bb2dca9753b1d42e4711f67ab64e8ce4.exe
-
Size
3.4MB
-
Sample
240325-t9yxgadc36
-
MD5
bb2dca9753b1d42e4711f67ab64e8ce4
-
SHA1
70cf25896537a950d7a6dda9f56040f4d372d303
-
SHA256
ec03a903cb74030622ac957e6aaefbb7437b032a4e6db82c33126016ac6c7d06
-
SHA512
6658595c9ea9a62f377d8bbe71d0a25530badfefde9d569ce196b79be87685a41e319339b97f7a6f783844f606e87e22f6b478894889440625484ee8c4e63a90
-
SSDEEP
49152:J1UHC6vWZtnxJB9qBBmAAcuXshmk2sP4gNi1KEj39tpz7vDZvtNUZRMYDiTYwEq+:J1+WZtzDqBScuXKmk2RXKi17NteXW6S0
Behavioral task
behavioral1
Sample
bb2dca9753b1d42e4711f67ab64e8ce4.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
bb2dca9753b1d42e4711f67ab64e8ce4.exe
-
Size
3.4MB
-
MD5
bb2dca9753b1d42e4711f67ab64e8ce4
-
SHA1
70cf25896537a950d7a6dda9f56040f4d372d303
-
SHA256
ec03a903cb74030622ac957e6aaefbb7437b032a4e6db82c33126016ac6c7d06
-
SHA512
6658595c9ea9a62f377d8bbe71d0a25530badfefde9d569ce196b79be87685a41e319339b97f7a6f783844f606e87e22f6b478894889440625484ee8c4e63a90
-
SSDEEP
49152:J1UHC6vWZtnxJB9qBBmAAcuXshmk2sP4gNi1KEj39tpz7vDZvtNUZRMYDiTYwEq+:J1+WZtzDqBScuXKmk2RXKi17NteXW6S0
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-