Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    BypassFree.exe

  • Size

    17.1MB

  • Sample

    240510-rkkbnsdd73

  • MD5

    afd97648d04d69377a4f18a06fa45474

  • SHA1

    60884be180253e41bc5d7b162d607fa623d6d0bb

  • SHA256

    a34ac6ac3fcd2a5188b69d39494b3f12c2aaf9525a52453b0feeb4b9f8560475

  • SHA512

    2b09eaf602533d64b77c370e795599ea5c9769d4138db59ce2bf17a3425e9ea8917a1f239bb115e6b66db2987f23edd468068949ae765ca532b6c29e9dd8838c

  • SSDEEP

    393216:BpkeR5kUDH2oraAlbeY8n1SLKcuUcJ8+LU/k+LptDdiDqNURNCre9a:BptbPrjXI16KMkI/x3M0UPse9a

Score
9/10

Malware Config

Targets

    • Target

      BypassFree.exe

    • Size

      17.1MB

    • MD5

      afd97648d04d69377a4f18a06fa45474

    • SHA1

      60884be180253e41bc5d7b162d607fa623d6d0bb

    • SHA256

      a34ac6ac3fcd2a5188b69d39494b3f12c2aaf9525a52453b0feeb4b9f8560475

    • SHA512

      2b09eaf602533d64b77c370e795599ea5c9769d4138db59ce2bf17a3425e9ea8917a1f239bb115e6b66db2987f23edd468068949ae765ca532b6c29e9dd8838c

    • SSDEEP

      393216:BpkeR5kUDH2oraAlbeY8n1SLKcuUcJ8+LU/k+LptDdiDqNURNCre9a:BptbPrjXI16KMkI/x3M0UPse9a

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks