Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e75385f7e9f6dff395b56324c83ce21d4fca3dff3b0d19c501c3bae9d1cbccda

  • Size

    3.0MB

  • Sample

    240406-hlg39sch7y

  • MD5

    3b434bfaed4ca1166a44d6df34c2fd55

  • SHA1

    b9c3a5a7ef6439491ac7a5dd05068632b1fdcd5a

  • SHA256

    e75385f7e9f6dff395b56324c83ce21d4fca3dff3b0d19c501c3bae9d1cbccda

  • SHA512

    c15a5bc78d1efb7ece4e4f150fe6704211d562c44ffa844b2eb11034bd339fa6ba776c29d0941b9ed646f8191a7b3c802e26c889bc4e88b19e7e3e6a387e8d6c

  • SSDEEP

    49152:5eorKyXvlx0tFQrH1ltPDWT6tL/TwCa1BEYsBUYmJGB81zkliCfTMaHxd4KOK:3rKyXvlx0tFQrLJyTyAlBjUhYGB81zkH

Malware Config

Targets

    • Target

      e75385f7e9f6dff395b56324c83ce21d4fca3dff3b0d19c501c3bae9d1cbccda

    • Size

      3.0MB

    • MD5

      3b434bfaed4ca1166a44d6df34c2fd55

    • SHA1

      b9c3a5a7ef6439491ac7a5dd05068632b1fdcd5a

    • SHA256

      e75385f7e9f6dff395b56324c83ce21d4fca3dff3b0d19c501c3bae9d1cbccda

    • SHA512

      c15a5bc78d1efb7ece4e4f150fe6704211d562c44ffa844b2eb11034bd339fa6ba776c29d0941b9ed646f8191a7b3c802e26c889bc4e88b19e7e3e6a387e8d6c

    • SSDEEP

      49152:5eorKyXvlx0tFQrH1ltPDWT6tL/TwCa1BEYsBUYmJGB81zkliCfTMaHxd4KOK:3rKyXvlx0tFQrLJyTyAlBjUhYGB81zkH

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks