Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25

  • Size

    2.2MB

  • Sample

    240409-gr5ababg5z

  • MD5

    c06b16ec7232eed0e758312f25d276b8

  • SHA1

    bb8eaa4f3a2b6beb82f6566522630c31f8977a44

  • SHA256

    8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25

  • SHA512

    9c7dbf7d6a2bd8c5d75bf2d0c015e0ce552f06dcf1836047af7b04e54d76b718a5dcbfdecae8d28ef9db55953fcc74ff8e09408e38b08e06c068cf07bdd2e5b5

  • SSDEEP

    49152:as9NRR5MmyC8ZCY/ETnKj9nHp8UyKOreY3drQIf6wUHNBT:aQNRGEVE9HWXdrawKN

Score
10/10

Malware Config

Targets

    • Target

      8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25

    • Size

      2.2MB

    • MD5

      c06b16ec7232eed0e758312f25d276b8

    • SHA1

      bb8eaa4f3a2b6beb82f6566522630c31f8977a44

    • SHA256

      8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25

    • SHA512

      9c7dbf7d6a2bd8c5d75bf2d0c015e0ce552f06dcf1836047af7b04e54d76b718a5dcbfdecae8d28ef9db55953fcc74ff8e09408e38b08e06c068cf07bdd2e5b5

    • SSDEEP

      49152:as9NRR5MmyC8ZCY/ETnKj9nHp8UyKOreY3drQIf6wUHNBT:aQNRGEVE9HWXdrawKN

    Score
    10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.