General

  • Target

    41ed3a1f7287ba2a0d2b116c049ce9eef6cfd07636908b758fbc2f91fae62dae

  • Size

    1.6MB

  • Sample

    240410-mmd58aff4w

  • MD5

    d25804aa6bd05177e905554e5b06176a

  • SHA1

    93eb2e93972f03d043b6cf0127812fd150ca5ec5

  • SHA256

    41ed3a1f7287ba2a0d2b116c049ce9eef6cfd07636908b758fbc2f91fae62dae

  • SHA512

    3f689ef245b68d412d1042b7c8f3e5623bde7c6b1cf4a09166445209019661ddc07f2e416a68fa2c27f1e5a7979ffbe8a9bf1a2dbec76234f77f86d6cf3727d8

  • SSDEEP

    49152:/mlxqzkcmcBR+2gxN68ic/BwKcn2QfBtUzo:/mlOTBR+Fx20BBktT

Score
9/10

Targets

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
