Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
41ed3a1f7287ba2a0d2b116c049ce9eef6cfd07636908b758fbc2f91fae62dae
-
Size
1.6MB
-
Sample
240410-mmd58aff4w
-
MD5
d25804aa6bd05177e905554e5b06176a
-
SHA1
93eb2e93972f03d043b6cf0127812fd150ca5ec5
-
SHA256
41ed3a1f7287ba2a0d2b116c049ce9eef6cfd07636908b758fbc2f91fae62dae
-
SHA512
3f689ef245b68d412d1042b7c8f3e5623bde7c6b1cf4a09166445209019661ddc07f2e416a68fa2c27f1e5a7979ffbe8a9bf1a2dbec76234f77f86d6cf3727d8
-
SSDEEP
49152:/mlxqzkcmcBR+2gxN68ic/BwKcn2QfBtUzo:/mlOTBR+Fx20BBktT
Static task
static1
Behavioral task
behavioral1
Sample
41ed3a1f7287ba2a0d2b116c049ce9eef6cfd07636908b758fbc2f91fae62dae.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
41ed3a1f7287ba2a0d2b116c049ce9eef6cfd07636908b758fbc2f91fae62dae
-
Size
1.6MB
-
MD5
d25804aa6bd05177e905554e5b06176a
-
SHA1
93eb2e93972f03d043b6cf0127812fd150ca5ec5
-
SHA256
41ed3a1f7287ba2a0d2b116c049ce9eef6cfd07636908b758fbc2f91fae62dae
-
SHA512
3f689ef245b68d412d1042b7c8f3e5623bde7c6b1cf4a09166445209019661ddc07f2e416a68fa2c27f1e5a7979ffbe8a9bf1a2dbec76234f77f86d6cf3727d8
-
SSDEEP
49152:/mlxqzkcmcBR+2gxN68ic/BwKcn2QfBtUzo:/mlOTBR+Fx20BBktT
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-