Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Solaris.zip

windows7-x64

1

Solaris.zip

windows10-2004-x64

1

enviorment...ke.exe

windows7-x64

10

enviorment...ke.exe

windows10-2004-x64

10

enviorment...rd.exe

windows7-x64

9

enviorment...rd.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Solaris.zip

  • Size

    28.4MB

  • Sample

    240421-mwqwdahb33

  • MD5

    15dbe34790f41078a34cd076e043bc8c

  • SHA1

    31e0065cfdc71061d8cb8248a56185d317728d8d

  • SHA256

    c2e0d1bfc92113b8482c63b7b40acce9531c72c2f8d16f6fb52a997efd773b26

  • SHA512

    c3b48aa21c94ebc9c8d905dbdd0ef91d63d4ce56b4391f278d2819d50f42fe0ade5fb6d94bbce36012dd8a1d6e360ca59d625ee76fece42e9500506bd166e166

  • SSDEEP

    786432:rVbe9JYsPN/mUZerH2VxDGkkEEaiAumIbf+YazhFf8KTNOcOSUS7VuZ:RbeN+UZsH2VxCkCSsA7OcOSb7VuZ

Score
10/10
agentteslaevasionkeyloggerspywarestealerthemidatrojan

Malware Config

Targets

    • Target

      Solaris.zip

    • Size

      28.4MB

    • MD5

      15dbe34790f41078a34cd076e043bc8c

    • SHA1

      31e0065cfdc71061d8cb8248a56185d317728d8d

    • SHA256

      c2e0d1bfc92113b8482c63b7b40acce9531c72c2f8d16f6fb52a997efd773b26

    • SHA512

      c3b48aa21c94ebc9c8d905dbdd0ef91d63d4ce56b4391f278d2819d50f42fe0ade5fb6d94bbce36012dd8a1d6e360ca59d625ee76fece42e9500506bd166e166

    • SSDEEP

      786432:rVbe9JYsPN/mUZerH2VxDGkkEEaiAumIbf+YazhFf8KTNOcOSUS7VuZ:RbeN+UZsH2VxCkCSsA7OcOSb7VuZ

    Score
    1/10
    behavioral1behavioral2

    • Target

      enviorment/UIRemake.exe

    • Size

      483KB

    • MD5

      fcaed1a87857f201faa454c23574bacc

    • SHA1

      ba34f6e93349e2d6db424e31e3f02b621f1c8afa

    • SHA256

      1919913a6858a14f8c61034e55e13e76c00a7709b429bf2d6cf0e08a31d2cdcd

    • SHA512

      51dd262a6362153d2a03e456d6e16a5ad334a7ddc63de6344dedcedf7a56b5789763bc8deb164d4b4bf90fcf1ccd00aa40f9214e060a494520c1df5399c7f532

    • SSDEEP

      12288:5U9GUQPoCzg52Htky52Htk8Cr0WuNijMD2K:iG3ACUm9mDCQWuNJ2

    Score
    10/10
    agentteslakeyloggerspywarestealertrojan
    behavioral3behavioral4

    • Target

      enviorment/textword.exe

    • Size

      3.4MB

    • MD5

      c6b39ee166d5b0a2c8a9021ccd1593ae

    • SHA1

      e480e7c282f64e8b0179c82afe154dd59d14217d

    • SHA256

      443b665c5f545a2bdd7855f86bf70a5ee7f35eda1b6b08615161f5809cbda02b

    • SHA512

      3864aea36c522ca5658412128e6a4c862a647cf3b1054b9adbe418488590a37600d7639c3eba94ca9de76f087b244b95644c667213b1122889cf2d9b7a4652d2

    • SSDEEP

      49152:Kl0nJ28J4VZohYWVGGjW8NhSU7zwo8oXJ2R3KPHsI7coj2J+eNgRpqNc1a:KmnJrJ4DohYWVTJNkIZZ2R6vsmA+FDqN

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks