General
-
Target
F593AB3D9D28ED29C7E65AFE5D5C3D234E13A7D2552723565E80D954D5E15DA1.zip
-
Size
16.6MB
-
Sample
240409-npkapahb6s
-
MD5
49509bafe7a3e693ed37731109480ab1
-
SHA1
48f396d5ad4395f6f6288be1714cad10a00aa5d3
-
SHA256
c9b3414ddd02dbd1ba0efa264b21133b45eac505e9abd551cb235647c4bf519d
-
SHA512
d56b4e1687d7d32d431d074e9fb295846cd589a3136d3639973f1612aab69dafba79ced16317056010eb1bb4b0f62beaf5a33bd1441a3161ed4a6679da2904c0
-
SSDEEP
393216:fK+pS0A56g8w41GQ4TY5Qk5QtZjJdbXYmNDhMcyxDLuA4/:fKEA5vv41GDT5kIZjAqtMcyFun/
Static task
static1
Behavioral task
behavioral1
Sample
F593AB3D9D28ED29C7E65AFE5D5C3D234E13A7D2552723565E80D954D5E15DA1.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
F593AB3D9D28ED29C7E65AFE5D5C3D234E13A7D2552723565E80D954D5E15DA1
-
Size
16.8MB
-
MD5
7d275755c8016baf66a2de364b5b9b3b
-
SHA1
f72d3c3578022614c6d5c8c9b5fede688e4a0b5b
-
SHA256
f593ab3d9d28ed29c7e65afe5d5c3d234e13a7d2552723565e80d954d5e15da1
-
SHA512
55f3a335bb6641c8ca1f480ed38cc85953ef85ba42b6f6cc91c01a5a5357fcf1336719fd04937d49f2bc93cfadc861fd935967ec0535e87543b0cdadb859b249
-
SSDEEP
393216:TJntyWPo+h06gwTU0eByBBpfJsB7Ja2gn9uG6DEWbSAY02znM0/JkGp5Ai:3yWPrnrXsBcvuG6AWvUndJpqi
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-