Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Gamesense___10.exe
-
Size
18.0MB
-
Sample
240421-w33ceshd4y
-
MD5
87e502fd28440c1842c5d4dc3c287abd
-
SHA1
843fdb05bcfcb5a0192c74b58c5d6b77dfbcce50
-
SHA256
493da153c32c2e47efd1bdad098b360734c574c31e235726ef48b382653b6ccb
-
SHA512
e94abeb8a78a5775f93e9a11adee908bd4d5c87803e294989e4bb78e51e879fd2b69311637f60eec0163e669b0e732096e35b99de441e6bb1e8a0f306ea69ba9
-
SSDEEP
393216:wp4kxmt4dDlSYj6XRsB3k3wRBQK9us7LCKAg5Bh9rj:wK4BTjoyNk3EaK4snPZ9H
Malware Config
Targets
-
-
Target
Gamesense___10.exe
-
Size
18.0MB
-
MD5
87e502fd28440c1842c5d4dc3c287abd
-
SHA1
843fdb05bcfcb5a0192c74b58c5d6b77dfbcce50
-
SHA256
493da153c32c2e47efd1bdad098b360734c574c31e235726ef48b382653b6ccb
-
SHA512
e94abeb8a78a5775f93e9a11adee908bd4d5c87803e294989e4bb78e51e879fd2b69311637f60eec0163e669b0e732096e35b99de441e6bb1e8a0f306ea69ba9
-
SSDEEP
393216:wp4kxmt4dDlSYj6XRsB3k3wRBQK9us7LCKAg5Bh9rj:wK4BTjoyNk3EaK4snPZ9H
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-