General

  • Target

    4258a51127f4635c8359c4d7fe2772d3923451d82560196b6c2e573ec09218e3

  • Size

    3.0MB

  • Sample

    240404-2bx7aabf9s

  • MD5

    456d82626ee181a1fa870e24d8bd0ba3

  • SHA1

    39a95f8fb16f807cdf904f7d3f8e468cbc3f59c8

  • SHA256

    4258a51127f4635c8359c4d7fe2772d3923451d82560196b6c2e573ec09218e3

  • SHA512

    e8d210d41283e3a66310e635dcb9a219fe5a89251535df591a734a85e3be24df05bae736b821b6af7e80b6aadfe6b1353d7f1f2c4177384fe1b724eb5888884f

  • SSDEEP

    49152:v2G4GdhNHKHCvx0FVy6qAZSNGPGdxf0kURPmnjOoif247SjPhhECveShL1ZqBoj2:AeNqHCv4VylNlxf0ZR+nq57UrNJZ2H

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
