General

  • Target

    cdb8fca06c79e850a5cccbc57573c9e0d98c10e47ecaacb11d7e9ee5167927db

  • Size

    2.3MB

  • Sample

    240625-2pexvs1aqp

  • MD5

    373f190e1ecf686470f6896c3c5926e6

  • SHA1

    438baaadd09cfb929cb2730b6164d60c9c4b11b3

  • SHA256

    cdb8fca06c79e850a5cccbc57573c9e0d98c10e47ecaacb11d7e9ee5167927db

  • SHA512

    d54bf9c3b2e547abd24360477f9f91cb851d2b9a1daeaa0480ff4cc0e5a9d6f96fdf3e624fce612c9867e10788e899a5f295b06ca3bdeb8c6284a030749d84c4

  • SSDEEP

    49152:lNVIYr7zA29fEJ0Rpm9SzUXQtezDvYvYlIwrU5MIP20uD:fJuJ+m9SYXekRlI4hIRu

Score
9/10

Targets

    • Target

      cdb8fca06c79e850a5cccbc57573c9e0d98c10e47ecaacb11d7e9ee5167927db

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
