Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7e46c597afa0aef592fa41dd52901e08_JaffaCakes118
-
Size
1.8MB
-
Sample
240528-y5bnlaag7s
-
MD5
7e46c597afa0aef592fa41dd52901e08
-
SHA1
4884a6a1bdd845e7260b0a65bc92f3da90be8da9
-
SHA256
baca190c7ef56fdd307b4a3fa1ddbe1e72aad55cd7507276329469108f725a94
-
SHA512
f5e6083f20a4b2336d6ea68ffd5372de2b40227585e1e3c37f40353dce2d2f2941bba90284d244dc8ffddc2a1ce78691eec6ca25d3a4933e92f380bf41913d05
-
SSDEEP
49152:BOGU4aSP0HV3ryXDeYLj7tUH80rGZwszDOjb:l0VryzeYv7O80yWszDA
Malware Config
Targets
-
-
Target
机甲小子2瑾哥辅助贺羊年豪华版1.1.exe
-
Size
1.8MB
-
MD5
ff8687656d64aaa3b2d436b51d6afc83
-
SHA1
a9ecdb7e31cd7f21961f10dceca32331463f7b2e
-
SHA256
399c1c27392d0ab84ea99f6e70e32a95a36fb50b7ea9c7de11654d782d8e9f5e
-
SHA512
6cc36e23e1e67d74a36f467cf0d77bccac2687957bf8d9bed705adc36ac86bd02b005d76adc26432da7a543066a48a96babff0cd59527a576863c9a84286d9de
-
SSDEEP
49152:64Q6x+gQSiYmGU+EqNw80Brm7MxlqZ+6Y+0u:2Z3GU8Nw8Yqk6y
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
西西软件园.url
-
Size
132B
-
MD5
91e54958a6591a16a0c8a5fa3ae07ef0
-
SHA1
f115f5dc501955bdf5dbbb21af4f5338d402fa77
-
SHA256
30ae0050ff7e052a079afbe5c3b1764b6c74d2047c9bdb390145f887bbfed263
-
SHA512
50299eb93f148bae4522c87066b77de1ab6a460cc670973ff5a6abacf52e0278b00a1ba7e704fac6ede77b5f7d5174373d71a3c391de335d1ac281d7f23c731d
Score1/10 -