Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1c00b1b0437e537733dcc3c048a59ba3a373f4ab30a97fab21e20501fd081d15
-
Size
2.4MB
-
Sample
240622-eehjns1ajj
-
MD5
1d0710fba5166efb658d3d3907176d8b
-
SHA1
ab4a279bdbd13e7ca844463b360cc5ca37ebb522
-
SHA256
1c00b1b0437e537733dcc3c048a59ba3a373f4ab30a97fab21e20501fd081d15
-
SHA512
6ceadca1f68b3ee4871e920a9389a43ec133935337e87a60f57a0726fcccf6ce33a31554714fa93f86005042f2b22a493bcd54646eb5923bd8b4034649ff05ae
-
SSDEEP
49152:P7uCtkIH2S+UsCCrSRvDJTVG/bYX2LCNuZoDvZ85MG28Vn:PSIuUsCC2FDJTiq2NZqz8V
Static task
static1
Behavioral task
behavioral1
Sample
1c00b1b0437e537733dcc3c048a59ba3a373f4ab30a97fab21e20501fd081d15.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
-
-
Target
1c00b1b0437e537733dcc3c048a59ba3a373f4ab30a97fab21e20501fd081d15
-
Size
2.4MB
-
MD5
1d0710fba5166efb658d3d3907176d8b
-
SHA1
ab4a279bdbd13e7ca844463b360cc5ca37ebb522
-
SHA256
1c00b1b0437e537733dcc3c048a59ba3a373f4ab30a97fab21e20501fd081d15
-
SHA512
6ceadca1f68b3ee4871e920a9389a43ec133935337e87a60f57a0726fcccf6ce33a31554714fa93f86005042f2b22a493bcd54646eb5923bd8b4034649ff05ae
-
SSDEEP
49152:P7uCtkIH2S+UsCCrSRvDJTVG/bYX2LCNuZoDvZ85MG28Vn:PSIuUsCC2FDJTiq2NZqz8V
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-