Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
65a6440d1811c57370440be7f8ce57db3802f00bd0a09f331af13d547f532437
-
Size
2.3MB
-
Sample
240418-ldvaeaad2z
-
MD5
fd69617fe6a64e1bbbdcbabc5fc50fb3
-
SHA1
6a94b7abe7208b9746c578cf743d4b13c027379b
-
SHA256
65a6440d1811c57370440be7f8ce57db3802f00bd0a09f331af13d547f532437
-
SHA512
037194c0a563a3592295b34a59949276392507ba21e1e75b49843003c449794e7daa7c9f333937b570e55e1ffe54ed5d5940dcab53a15613283a349327a7e828
-
SSDEEP
49152:FeF1xn14NPOcl8V/6U+zyFsOJhdOAddbZmXVFOIJNNHU:A1xn1mOcOV/ECHd6hJN5U
Static task
static1
Behavioral task
behavioral1
Sample
65a6440d1811c57370440be7f8ce57db3802f00bd0a09f331af13d547f532437.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
65a6440d1811c57370440be7f8ce57db3802f00bd0a09f331af13d547f532437.exe
Resource
win11-20240412-en
Malware Config
Extracted
risepro
147.45.47.93:58709
Targets
-
-
Target
65a6440d1811c57370440be7f8ce57db3802f00bd0a09f331af13d547f532437
-
Size
2.3MB
-
MD5
fd69617fe6a64e1bbbdcbabc5fc50fb3
-
SHA1
6a94b7abe7208b9746c578cf743d4b13c027379b
-
SHA256
65a6440d1811c57370440be7f8ce57db3802f00bd0a09f331af13d547f532437
-
SHA512
037194c0a563a3592295b34a59949276392507ba21e1e75b49843003c449794e7daa7c9f333937b570e55e1ffe54ed5d5940dcab53a15613283a349327a7e828
-
SSDEEP
49152:FeF1xn14NPOcl8V/6U+zyFsOJhdOAddbZmXVFOIJNNHU:A1xn1mOcOV/ECHd6hJN5U
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-