General
Target: 9ac899e08b378dd2b4e5169c01597c988cf2a1396b5dfab12e97cb46156b0263.exe
Size: 3.9MB
Sample: 240417-cdhryaca9t
MD5: 2fb33c498f66aa47b719d3b9345e35ba
SHA1: b7591feab49bc5b58a313fe45213f91df6c2980a
SHA256: 9ac899e08b378dd2b4e5169c01597c988cf2a1396b5dfab12e97cb46156b0263
SHA512: e0ec93588e92fbc716d0c9761beac85fbcdd7a912a3ae9844c38e3323ad17fb40a19abaf82a5b49d0f65f0aaa6085b3e139e7e25325e0a60821b0db4f50862a7
SSDEEP: 98304:/HFySxnKY0EvQZn2xJzOeS3bG34EVGR7q/0iRmyc3rea:/HFySxKgqn2TOeybq4NR7UHgrH
Static task: static1
Behavioral task: behavioral1
  Sample: 9ac899e08b378dd2b4e5169c01597c988cf2a1396b5dfab12e97cb46156b0263.exe
  Resource: win7-20240220-en
Malware Config
Extracted
risepro
193.233.132.253:50500
Targets
Detects executables built or packed with MPress PE compressor
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger