General
Target: sample.exe
Size: 8.2MB
Sample: 240614-lj2xfaycqj
MD5: e7d9ee8f6f2118fc5b90ed77ac1803e9
SHA1: 1c3b0135d62b1305e7fc0f392249b76ae3bb6d4a
SHA256: f77ad888887105bd7bd8fddc646e11445d0378a8d2443cd6f50fc00f3834af41
SHA512: 5ad37843243bc7360ca88d56fb829b7f5219561d41e9f5befda24002796003dca5e18b41233d4c5ea0c70415e466ed76ac0018a032de5d300d04a31dd1d03550
SSDEEP: 196608:fG3NU4pkOiBvZxLRJR99dwBMqFJ+hIESNxEc3m:sNUv5/NL99dwBMqOsY0m
Behavioral task: behavioral1
Sample: sample.exe
Resource: win7-20240611-en
Malware Config
Targets
Target: sample.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger