General

  • Target

    0bfcab5dc5b4006f3ced4da85db2694df11f26b4356adaf8c6e7351c69876e7a

  • Size

    3.1MB

  • Sample

    240408-lvw6bsec76

  • MD5

    13db46fc3d3ccd1bb23092b43158549a

  • SHA1

    38782bb916fe926db4a5e2e0811c1ad1fcca6953

  • SHA256

    0bfcab5dc5b4006f3ced4da85db2694df11f26b4356adaf8c6e7351c69876e7a

  • SHA512

    a514181790baecf4fd98b2f9d5da2e46e4a8826d757e0f93b350dee5ad03a7300c8550415092505c5819832de1bb2b61b8ec56b9afc32ea420f44b1a390f4e94

  • SSDEEP

    49152:iS5BNaFl3MukclKJgYDWwGn63uXmclY//hxj4YLEYV5ELblZTC:iOUlDwJgAGn6smDyYLWlRC

Targets

    • Target

      0bfcab5dc5b4006f3ced4da85db2694df11f26b4356adaf8c6e7351c69876e7a

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
