General

  • Target

    Gamesense___10.exe

  • Size

    18.0MB

  • Sample

    240421-w33ceshd4y

  • MD5

    87e502fd28440c1842c5d4dc3c287abd

  • SHA1

    843fdb05bcfcb5a0192c74b58c5d6b77dfbcce50

  • SHA256

    493da153c32c2e47efd1bdad098b360734c574c31e235726ef48b382653b6ccb

  • SHA512

    e94abeb8a78a5775f93e9a11adee908bd4d5c87803e294989e4bb78e51e879fd2b69311637f60eec0163e669b0e732096e35b99de441e6bb1e8a0f306ea69ba9

  • SSDEEP

    393216:wp4kxmt4dDlSYj6XRsB3k3wRBQK9us7LCKAg5Bh9rj:wK4BTjoyNk3EaK4snPZ9H

Targets

    • Target

      Gamesense___10.exe

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
