General
Target: BypassFree.exe
Size: 17.1MB
Sample: 240510-rkkbnsdd73
MD5: afd97648d04d69377a4f18a06fa45474
SHA1: 60884be180253e41bc5d7b162d607fa623d6d0bb
SHA256: a34ac6ac3fcd2a5188b69d39494b3f12c2aaf9525a52453b0feeb4b9f8560475
SHA512: 2b09eaf602533d64b77c370e795599ea5c9769d4138db59ce2bf17a3425e9ea8917a1f239bb115e6b66db2987f23edd468068949ae765ca532b6c29e9dd8838c
SSDEEP: 393216:BpkeR5kUDH2oraAlbeY8n1SLKcuUcJ8+LU/k+LptDdiDqNURNCre9a:BptbPrjXI16KMkI/x3M0UPse9a
Targets
Target: BypassFree.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger