Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

INF 6.05.exe

windows7-x64

9

INF 6.05.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    INF 6.05.exe

  • Size

    11.2MB

  • Sample

    240613-v21xjaxcqg

  • MD5

    0210fbaf33361ea797cc0217327cbe98

  • SHA1

    22ef6c2faf2c0befb035d088f2616eaa46024b09

  • SHA256

    8775d6dc7b16f4bb94148f31468a0647d3acc60d50f58c1007b6e6990f508071

  • SHA512

    f4399ef58adfdd74e37f0250c591af02aa3e5d79aa49b37ac4f68430a6af5d50166d59ac167463c26b2c93cbb34e65094d1764f6626aceb388faf15d6ffa60e0

  • SSDEEP

    196608:SQMGtjqbSmPLO/9disyjDvZLZ1iUZMsdcJRU93YzKiHU3WhR/j9MeehoP:xMS6SF0ZvZLZ1FcJuKKc/5FP

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      INF 6.05.exe

    • Size

      11.2MB

    • MD5

      0210fbaf33361ea797cc0217327cbe98

    • SHA1

      22ef6c2faf2c0befb035d088f2616eaa46024b09

    • SHA256

      8775d6dc7b16f4bb94148f31468a0647d3acc60d50f58c1007b6e6990f508071

    • SHA512

      f4399ef58adfdd74e37f0250c591af02aa3e5d79aa49b37ac4f68430a6af5d50166d59ac167463c26b2c93cbb34e65094d1764f6626aceb388faf15d6ffa60e0

    • SSDEEP

      196608:SQMGtjqbSmPLO/9disyjDvZLZ1iUZMsdcJRU93YzKiHU3WhR/j9MeehoP:xMS6SF0ZvZLZ1FcJuKKc/5FP

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks