General

  • Target

    b6a8bb6b261bde529acb07c7a780fcb7a582db14da397adcdf7352533e1b371a

  • Size

    2.3MB

  • Sample

    240703-kchpjsvbne

  • MD5

    4e69247d41d75a4b1c61563092ac9d55

  • SHA1

    7567248c7045cda07ce9bf93c838952d4a646aec

  • SHA256

    b6a8bb6b261bde529acb07c7a780fcb7a582db14da397adcdf7352533e1b371a

  • SHA512

    322fa972e48c5ee0d7f8f4e94605036c13754aee6e6ee1cf3d5faeae34a3a257c129bab401aa4644dbd7c57504d0c8a977033e2e40e5d4fe98aaca372a75eef5

  • SSDEEP

    49152:Lok2vyC4dYAf0cTXjuQ2NSHGYi2wXs5ubjqAUqakUsJ6NbR:UkYOjyAH1us5u2qXj

Score
9/10

Targets

    • Target

      b6a8bb6b261bde529acb07c7a780fcb7a582db14da397adcdf7352533e1b371a

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
