General
Target: ec848ed8a308f13a19073b9afa43a755cef54fe3b5777b77ba59a1068b1f127e
Size: 10.7MB
Sample: 240529-h1nvcsfd75
MD5: 5b61e4d359022bf8defb88171a206969
SHA1: c7394d4c8b9738e2ff279cc443bc38af8a778980
SHA256: ec848ed8a308f13a19073b9afa43a755cef54fe3b5777b77ba59a1068b1f127e
SHA512: 5fac25bec1cc57d1c210e4ded5351af5d7732089347284942c80bcb9070d9bf7f6c532df391308900bcf642b451db110b9547ca7d1bc6b9e5bde1f3bc2d9954b
SSDEEP: 196608:iHwJu2JYMN64owNBxRr8Txs4F6AsQGBHoL1PntPj8YSKR:swP5N8x+PIL1Pnx9R
Static task: static1
Behavioral task: behavioral1
  Sample: ec848ed8a308f13a19073b9afa43a755cef54fe3b5777b77ba59a1068b1f127e.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: ec848ed8a308f13a19073b9afa43a755cef54fe3b5777b77ba59a1068b1f127e.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: ec848ed8a308f13a19073b9afa43a755cef54fe3b5777b77ba59a1068b1f127e
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Suspicious use of NtSetInformationThreadHideFromDebugger