General
-
Target
chrome.zip
-
Size
7.4MB
-
Sample
240606-kvwdcsda78
-
MD5
9bc9c81b8eb739550ced80cbe3876084
-
SHA1
181c1b81eeccf882041c6e4bbfcbe3b09b5c96e6
-
SHA256
2f78abcf8efd1843e5953bb000b487b50ba7bc1ded77933294b7c70cdc157675
-
SHA512
1631cee8eb5c4f801423725cef27d27b4fef7bedb9f40242b5a4ff93f3b7a10c440446bc9e7521b887bb34284096ec4fa386ebec6c5e0398189adff6150fe167
-
SSDEEP
196608:F5xXJC5ivSEB6ANotUNCHRkIWLYr+kNPJi2NteSw+B/Uktn5Sg:/DH6A2tUNCxkVLy+klXeSYjg
Static task
static1
Behavioral task
behavioral1
Sample
QtCore4.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
QtCore4.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
QtGui4.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
QtGui4.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
chrome.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
QtCore4.dll
-
Size
2.1MB
-
MD5
2fe0599b45e4f112cedc69986d10d21b
-
SHA1
3391843c5ddde45b17df309fe182c8dee1cb862a
-
SHA256
29aba16000167af9217510f93e6da8def731a8a5132024a7b7d1ba4c9116b7a9
-
SHA512
daa55eb9c223433b4d332e6aa40f2558057fcf98b01cf17f8aa68c9f53ffee9c56a86127efb37f7904282f7670608be9b4813a758d134e4c3ab501b4d0bdf39c
-
SSDEEP
49152:tU6a2PjSQTUEZtQqhJXbQKFdu9UTj6ep+Tqv:/vjT9sKFdu9WpX
Score 3/10
-
-
Target
QtGui4.dll
-
Size
6.8MB
-
MD5
ddd7cb6f7fcb04a7a22b8c88e54960c4
-
SHA1
ec90b7dc14ba83b31557262f9f4694478cbb751a
-
SHA256
ed88922666a2323c05c08c75f7ad29d049d1a36399ab988ad5ce1e86149cb450
-
SHA512
0e6d046c4f4e5fab3bc0aea57a99f0a1779f7fb4a3950f0e302b65ef411c9a08c534607f1be9533fa82ea64be5a5391c28b5ab615de82680188e2b1d28c8fc07
-
SSDEEP
196608:AEubw71Hqi7SVzQlgj2bMWE+LpoMk+dTha46Yuy7uNcK:AEuERKoukwmLlJdThxcZ7
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
chrome.exe
-
Size
178KB
-
MD5
7cd87f8ad0cd8279f8699cd441238338
-
SHA1
523c83c22647164b7e7465fecaf798f3be5ac2d8
-
SHA256
71a7f53796731bd270704b825af080d1e84e2bb4d2184bb77926cd895dc87214
-
SHA512
b5ee28a24ba6fc4bb0e8a5b0c1a5adbfac204be43635ad99998bd4617726a5b5f95876dbdc7807b30cc74569b431ef7eb4a540f3e62b759e2fb36df9cff10796
-
SSDEEP
3072:k+sGBD3O9O6qe+4T+vqwqYROyCUbSIMAAAAAAAUAAAk2o5U:kZGBD3O9O6qe+4T+vqwqYROyCUbSDv5U
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-