General

  • Target

    9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695

  • Size

    2.3MB

  • Sample

    240627-r8tv1swema

  • MD5

    6be2c97dab14a4d3cbd8631c70c0108f

  • SHA1

    501367acaaf8b475fcb8af9d679aa222b1c3b18b

  • SHA256

    9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695

  • SHA512

    dfba259d1bab62190667b0b4e3961bcb9997c0278dba3e673772c014ef99052dbfe4f11aaca10f43073e23f757d471a1d2981d8f419fdcacb09d19e161ccf1ee

  • SSDEEP

    49152:+dDMmLsoQLaY6I1oRZsA7/xVFHeL2H3+Z8za2d:+p06nRuA7RW2X+o

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
