Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Slap - Copia - Copia.zip

  • Size

    17.5MB

  • Sample

    240423-b5xvhabc6z

  • MD5

    e9c72f6f2083ca0935e418cd6f3d97ae

  • SHA1

    0c24eb62a79847f439d854b4abf5124e08288148

  • SHA256

    3a30a8a5dbe77d31b890b995f99051fa2b1add4a4edc0969754b9acd35ec9309

  • SHA512

    bc76a12082b01cf938329582b2c6a0a899501ac27f4c3b068a1d2e3fcf40fac5b2f04add4af2a3c4b79ddb5f1e3f775e4eb20c611b74bc248b621db1a85ae3df

  • SSDEEP

    393216:ZoddfnVT528ZIeoAG0e2bodlZtFYb8vi5qbBnaPdfCzA5:ZaddT0KIeZvbbalzFYb8vJnatCk

Malware Config

Targets

    • Target

      Slap - Copia - Copia.zip

    • Size

      17.5MB

    • MD5

      e9c72f6f2083ca0935e418cd6f3d97ae

    • SHA1

      0c24eb62a79847f439d854b4abf5124e08288148

    • SHA256

      3a30a8a5dbe77d31b890b995f99051fa2b1add4a4edc0969754b9acd35ec9309

    • SHA512

      bc76a12082b01cf938329582b2c6a0a899501ac27f4c3b068a1d2e3fcf40fac5b2f04add4af2a3c4b79ddb5f1e3f775e4eb20c611b74bc248b621db1a85ae3df

    • SSDEEP

      393216:ZoddfnVT528ZIeoAG0e2bodlZtFYb8vi5qbBnaPdfCzA5:ZaddT0KIeZvbbalzFYb8vJnatCk

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.