General
Target: external_obf.exe
Size: 37.4MB
Sample: 240706-2qjmfavhjk
MD5: 04a2203440a8e4ad58e9383272d2e4c4
SHA1: e8539a930e7feaf92e76a40a675afaee1f89fb2f
SHA256: d7f93dd3cc29ddbcc20355213ecc35226f0db4ba42c47c166310c6c937dd5180
SHA512: ac10acfbe4948b43f7b4ff6c311bca851958ab4ea21726c63125ac250853a704fbe6d4dda7ee2ae0176eeb3c4ce1c709e3784418463234d23ab767b473b6183b
SSDEEP: 786432:Vn89EgmKjPMXH2BeGpip+3dYPkiNE4apoc0:VnoEgJzGWBeGpzdY5E4moc0
Static task: static1
Behavioral task: behavioral1
Sample: external_obf.exe
Resource: win7-20240705-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger