General
Target: MantiWPF.zip
Size: 28.3MB
Sample: 240710-v3eexszgln
MD5: acd904a1add5eea11da0ad18a03ee36d
SHA1: a82a337b619c5cecd1a37ad84c2f30dba4b9e72e
SHA256: 70bc8d54d4279b6eab3b711c4bc08f094c5af2ee873eb65346573de20ccb3f74
SHA512: 09663e2f727674f344eff6bba584d899d3eedff3d19c558e247a5d93d9774da1ba0ffca91c55c4058cc2b19ddd8896a976a83be508cccbb5791af87d1ad0ea7f
SSDEEP: 393216:s7INwZwtwEli9pvTpVRwgjg9dTajLv7YNzbzo4jtlMdzUUxmG0+54TpLVsEeRxX6:sE/6ElWpv1VKgs9RiL7MlMM+5wGiie5R
Static task
static1
Malware Config
Targets
Target: MantiWPF.zip
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger