Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
85bd3d8d2f06d586119584c8eef9071fcb0e42452082fb22b9960f220cc3b5a6.exe
-
Size
2.2MB
-
Sample
240328-cwq62adb2z
-
MD5
638db2061cddae61c0e3dec28aefe8df
-
SHA1
b1a9ab063e0e8c23e7b16f72766054e7d190f9e4
-
SHA256
85bd3d8d2f06d586119584c8eef9071fcb0e42452082fb22b9960f220cc3b5a6
-
SHA512
65f93f0ef49b721c467151a89d5bdedc853eddb1f4e9142db891afd911e081bc0648cc14955e39d4a1feea1aeec3ed40996d2acf22a7722058723bdc830399f4
-
SSDEEP
49152:++wYYEzaTMdb99i3GhxyqMGnsCxM/hX3D/yYNBvM8kD:+N9TM9E2hxTnswAhXzqyv7
Malware Config
Targets
-
-
Target
85bd3d8d2f06d586119584c8eef9071fcb0e42452082fb22b9960f220cc3b5a6.exe
-
Size
2.2MB
-
MD5
638db2061cddae61c0e3dec28aefe8df
-
SHA1
b1a9ab063e0e8c23e7b16f72766054e7d190f9e4
-
SHA256
85bd3d8d2f06d586119584c8eef9071fcb0e42452082fb22b9960f220cc3b5a6
-
SHA512
65f93f0ef49b721c467151a89d5bdedc853eddb1f4e9142db891afd911e081bc0648cc14955e39d4a1feea1aeec3ed40996d2acf22a7722058723bdc830399f4
-
SSDEEP
49152:++wYYEzaTMdb99i3GhxyqMGnsCxM/hX3D/yYNBvM8kD:+N9TM9E2hxTnswAhXzqyv7
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-