Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
78bbdc7efd2afa13ba43476c04afbe99108a1fd86a33923bc388ee569e090050
-
Size
4.0MB
-
Sample
240526-jvg1ascg24
-
MD5
ff51d0152c58b9d85cf353eee7ff73ad
-
SHA1
bc2aa9286fde02c12d6c7dff50c48ae02874a16a
-
SHA256
78bbdc7efd2afa13ba43476c04afbe99108a1fd86a33923bc388ee569e090050
-
SHA512
9370bc0483c9de3775b1e66a87773540dc45c86c2743868426a50e4ea85b52c8ef612e13b6ab808de9afc6441b3c5c4518de51cbac8a333aeaec7244af9a8d9b
-
SSDEEP
98304:eSjiJiKlFDlv0WEe2kh8qZJcKObpEQIj6s1yCQx/ouxOq:eSjM1FDlv0WE0Jcxpv6yCKor
Static task
static1
Behavioral task
behavioral1
Sample
78bbdc7efd2afa13ba43476c04afbe99108a1fd86a33923bc388ee569e090050.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
78bbdc7efd2afa13ba43476c04afbe99108a1fd86a33923bc388ee569e090050.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
78bbdc7efd2afa13ba43476c04afbe99108a1fd86a33923bc388ee569e090050
-
Size
4.0MB
-
MD5
ff51d0152c58b9d85cf353eee7ff73ad
-
SHA1
bc2aa9286fde02c12d6c7dff50c48ae02874a16a
-
SHA256
78bbdc7efd2afa13ba43476c04afbe99108a1fd86a33923bc388ee569e090050
-
SHA512
9370bc0483c9de3775b1e66a87773540dc45c86c2743868426a50e4ea85b52c8ef612e13b6ab808de9afc6441b3c5c4518de51cbac8a333aeaec7244af9a8d9b
-
SSDEEP
98304:eSjiJiKlFDlv0WEe2kh8qZJcKObpEQIj6s1yCQx/ouxOq:eSjM1FDlv0WE0Jcxpv6yCKor
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-