General
Target: loader.exe
Size: 8.5MB
Sample: 240608-wrbekaeh95
MD5: 851dc1231b62cca3b63f7f2287dff84f
SHA1: 16915a97ff71586cb033319a3f81c18d8792e1b7
SHA256: 2019edf4b004995ed0cc16da5a8746a6154b16df7663cbe6d3fc7782ba5dbc17
SHA512: 507c6038f9b65ccb74fe6947ac9caeeef35dcc1b0d01fd68e10a7d2cc5cf6997bdd04cb10b1cc25fd2966b266c7ff471f91618da6021ef4cd0ba24803c7482f9
SSDEEP: 196608:lWU/XIK3djYTPtJyCAaws5WJqHqJLkSXNzeHrldm:lWU/4kU7tJy7DhJQyNSLl4
Malware Config
Targets
Target: loader.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL