General

  • Target

    e75385f7e9f6dff395b56324c83ce21d4fca3dff3b0d19c501c3bae9d1cbccda

  • Size

    3.0MB

  • Sample

    240406-hlg39sch7y

  • MD5

    3b434bfaed4ca1166a44d6df34c2fd55

  • SHA1

    b9c3a5a7ef6439491ac7a5dd05068632b1fdcd5a

  • SHA256

    e75385f7e9f6dff395b56324c83ce21d4fca3dff3b0d19c501c3bae9d1cbccda

  • SHA512

    c15a5bc78d1efb7ece4e4f150fe6704211d562c44ffa844b2eb11034bd339fa6ba776c29d0941b9ed646f8191a7b3c802e26c889bc4e88b19e7e3e6a387e8d6c

  • SSDEEP

    49152:5eorKyXvlx0tFQrH1ltPDWT6tL/TwCa1BEYsBUYmJGB81zkliCfTMaHxd4KOK:3rKyXvlx0tFQrLJyTyAlBjUhYGB81zkH

Targets

    • Target

      e75385f7e9f6dff395b56324c83ce21d4fca3dff3b0d19c501c3bae9d1cbccda

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
