Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695
-
Size
2.3MB
-
Sample
240627-r8tv1swema
-
MD5
6be2c97dab14a4d3cbd8631c70c0108f
-
SHA1
501367acaaf8b475fcb8af9d679aa222b1c3b18b
-
SHA256
9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695
-
SHA512
dfba259d1bab62190667b0b4e3961bcb9997c0278dba3e673772c014ef99052dbfe4f11aaca10f43073e23f757d471a1d2981d8f419fdcacb09d19e161ccf1ee
-
SSDEEP
49152:+dDMmLsoQLaY6I1oRZsA7/xVFHeL2H3+Z8za2d:+p06nRuA7RW2X+o
Static task
static1
Behavioral task
behavioral1
Sample
9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral2
Sample
9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695.exe
Resource
win11-20240508-en
Malware Config
Targets
-
-
Target
9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695
-
Size
2.3MB
-
MD5
6be2c97dab14a4d3cbd8631c70c0108f
-
SHA1
501367acaaf8b475fcb8af9d679aa222b1c3b18b
-
SHA256
9e4d4500aee96a7526069b441c51d6c3dc34ff9b9e456656ff70cd02feabd695
-
SHA512
dfba259d1bab62190667b0b4e3961bcb9997c0278dba3e673772c014ef99052dbfe4f11aaca10f43073e23f757d471a1d2981d8f419fdcacb09d19e161ccf1ee
-
SSDEEP
49152:+dDMmLsoQLaY6I1oRZsA7/xVFHeL2H3+Z8za2d:+p06nRuA7RW2X+o
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-