General

  • Target

    BakosFree2.exe

  • Size

    3.9MB

  • Sample

    240615-t62tys1ekj

  • MD5

    19276837bca67381f2d4f6620114c5df

  • SHA1

    06920810b84cd7cadcf963f8823917a2e77d5a49

  • SHA256

    8970a16295267765ab6b690e7f0d4d1e9bd5cc0b7a51d2d048bf069fcc8adc02

  • SHA512

    e4ea35848ba3877990e0379e599a8dd4ceff6ddaeaf8210194ac56ea305f2146da94e85af880984f5e8f1b5cc956243e17342ec6d22b341b90a940ac95c8be1d

  • SSDEEP

    98304:JU1gK9p2E9TV1IqWQ6mPVmzBA7xSU1j1drhljm+RJ:AL9p2UV1ovwmu1drhc0

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks