Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4095099f8dc01fa0e768c90bc5f6930b.bin
-
Size
2.3MB
-
Sample
240509-bw55hsdd94
-
MD5
1c0b283b8f3a25091997ba65a7e20be6
-
SHA1
48b58e9ec81e5c108382cd87680dde16107c97d0
-
SHA256
af3fb8a4cb92ec05d2b9a426ee5225d2adfebd4beb90ba16c8c7ef9b3078ff3a
-
SHA512
470774df7ed56dfa34a825b18b783faf3037ac1589d88249c9eae898af076f4922d344617283ba55e6c775b495a04a97ef47d800363c4e6b0422fb626e8bb197
-
SSDEEP
49152:vewwKO+qgqDVHAIWHcGwShj+wOBkGQL8UAWTUECi/dsv5d1TJU:AKOSqpXW8eSKZ3AqUQ/M5dzU
Static task
static1
Behavioral task
behavioral1
Sample
2c4b9f1da660cc47a044ee56e82c9fcd7e2e37fce633db555679f3a225835009.exe
Resource
win7-20240221-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
2c4b9f1da660cc47a044ee56e82c9fcd7e2e37fce633db555679f3a225835009.exe
-
Size
2.3MB
-
MD5
4095099f8dc01fa0e768c90bc5f6930b
-
SHA1
b39c9d00a3e8dd50c5eda7fe051af42120ebcbaa
-
SHA256
2c4b9f1da660cc47a044ee56e82c9fcd7e2e37fce633db555679f3a225835009
-
SHA512
1ae03baee6096fa653612f344433bdfd357b2bfe639391effdebd4ef63efbacb6f8ad9a2fb1ed1714d1a99418a13694efc5aaabdf7d79cfa6ee3449b66fab600
-
SSDEEP
49152:6Ts9zpYo556eURBCcuAU42VAYJiSo0UKQ0mJNFXVRMFZaBo:649SoqrRBCDnVfJikxQ0WNNo
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-