Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25
-
Size
2.2MB
-
Sample
240409-gr5ababg5z
-
MD5
c06b16ec7232eed0e758312f25d276b8
-
SHA1
bb8eaa4f3a2b6beb82f6566522630c31f8977a44
-
SHA256
8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25
-
SHA512
9c7dbf7d6a2bd8c5d75bf2d0c015e0ce552f06dcf1836047af7b04e54d76b718a5dcbfdecae8d28ef9db55953fcc74ff8e09408e38b08e06c068cf07bdd2e5b5
-
SSDEEP
49152:as9NRR5MmyC8ZCY/ETnKj9nHp8UyKOreY3drQIf6wUHNBT:aQNRGEVE9HWXdrawKN
Malware Config
Targets
-
-
Target
8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25
-
Size
2.2MB
-
MD5
c06b16ec7232eed0e758312f25d276b8
-
SHA1
bb8eaa4f3a2b6beb82f6566522630c31f8977a44
-
SHA256
8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25
-
SHA512
9c7dbf7d6a2bd8c5d75bf2d0c015e0ce552f06dcf1836047af7b04e54d76b718a5dcbfdecae8d28ef9db55953fcc74ff8e09408e38b08e06c068cf07bdd2e5b5
-
SSDEEP
49152:as9NRR5MmyC8ZCY/ETnKj9nHp8UyKOreY3drQIf6wUHNBT:aQNRGEVE9HWXdrawKN
Score10/10-
RisePro
RisePro stealer is an infostealer distributed by PrivateLoader.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-