Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    external_obf.exe

  • Size

    37.4MB

  • Sample

    240706-2qjmfavhjk

  • MD5

    04a2203440a8e4ad58e9383272d2e4c4

  • SHA1

    e8539a930e7feaf92e76a40a675afaee1f89fb2f

  • SHA256

    d7f93dd3cc29ddbcc20355213ecc35226f0db4ba42c47c166310c6c937dd5180

  • SHA512

    ac10acfbe4948b43f7b4ff6c311bca851958ab4ea21726c63125ac250853a704fbe6d4dda7ee2ae0176eeb3c4ce1c709e3784418463234d23ab767b473b6183b

  • SSDEEP

    786432:Vn89EgmKjPMXH2BeGpip+3dYPkiNE4apoc0:VnoEgJzGWBeGpzdY5E4moc0

Score
9/10

Malware Config

Targets

    • Target

      external_obf.exe

    • Size

      37.4MB

    • MD5

      04a2203440a8e4ad58e9383272d2e4c4

    • SHA1

      e8539a930e7feaf92e76a40a675afaee1f89fb2f

    • SHA256

      d7f93dd3cc29ddbcc20355213ecc35226f0db4ba42c47c166310c6c937dd5180

    • SHA512

      ac10acfbe4948b43f7b4ff6c311bca851958ab4ea21726c63125ac250853a704fbe6d4dda7ee2ae0176eeb3c4ce1c709e3784418463234d23ab767b473b6183b

    • SSDEEP

      786432:Vn89EgmKjPMXH2BeGpip+3dYPkiNE4apoc0:VnoEgJzGWBeGpzdY5E4moc0

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks