Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    adb594efebfc6c0853642d37be4da822d27c84a2b0b120b67913156308cab6e7

  • Size

    2.3MB

  • Sample

    240429-fx8dgsbe32

  • MD5

    eddf1bea720131435cfb67c0b51622c8

  • SHA1

    03fde14e7a9d60c26c4a575d9d29b4d5440215a2

  • SHA256

    adb594efebfc6c0853642d37be4da822d27c84a2b0b120b67913156308cab6e7

  • SHA512

    23f86fcf116442d2b3e59793651a0e0997fcb239b00222b1b077453d91f3cb1447e2cd3957b5808a966db16cb2dd28f414aaa40835f54ae48ec49b189084a731

  • SSDEEP

    49152:lg69SebPPiKgYy+jKCB+RzlSomYoZQbZkvHKqx9D6+:lg69Sebi4jORzlPmLYZkvK69D6+

Score
10/10

Malware Config

Targets

    • Target

      adb594efebfc6c0853642d37be4da822d27c84a2b0b120b67913156308cab6e7

    • Size

      2.3MB

    • MD5

      eddf1bea720131435cfb67c0b51622c8

    • SHA1

      03fde14e7a9d60c26c4a575d9d29b4d5440215a2

    • SHA256

      adb594efebfc6c0853642d37be4da822d27c84a2b0b120b67913156308cab6e7

    • SHA512

      23f86fcf116442d2b3e59793651a0e0997fcb239b00222b1b077453d91f3cb1447e2cd3957b5808a966db16cb2dd28f414aaa40835f54ae48ec49b189084a731

    • SSDEEP

      49152:lg69SebPPiKgYy+jKCB+RzlSomYoZQbZkvHKqx9D6+:lg69Sebi4jORzlPmLYZkvK69D6+

    Score
    10/10
    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks