General

  • Target

    85bd3d8d2f06d586119584c8eef9071fcb0e42452082fb22b9960f220cc3b5a6.exe

  • Size

    2.2MB

  • Sample

    240328-cwq62adb2z

  • MD5

    638db2061cddae61c0e3dec28aefe8df

  • SHA1

    b1a9ab063e0e8c23e7b16f72766054e7d190f9e4

  • SHA256

    85bd3d8d2f06d586119584c8eef9071fcb0e42452082fb22b9960f220cc3b5a6

  • SHA512

    65f93f0ef49b721c467151a89d5bdedc853eddb1f4e9142db891afd911e081bc0648cc14955e39d4a1feea1aeec3ed40996d2acf22a7722058723bdc830399f4

  • SSDEEP

    49152:++wYYEzaTMdb99i3GhxyqMGnsCxM/hX3D/yYNBvM8kD:+N9TM9E2hxTnswAhXzqyv7

Score
10/10

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
