General

  • Target

    MWIII (4).exe

  • Size

    5.6MB

  • Sample

    240716-msjynaycqn

  • MD5

    b476586a746d1c9f0571b23d6e0f8eb0

  • SHA1

    f9ecd837efba745d191f2f5e2f6961b3c2312d7a

  • SHA256

    f97a31c132cf5472952069dbbd483f80d2e6ce2f22f0808cfe9e2fc1de191e9c

  • SHA512

    8b3914081b897fbf9bcc913322e1083bac4c8620f54cb0e6710e6b058af2b6ceea3e4cf8533a534c757506d5ae1ab66d161f25b34abe37e5f4c01fb5c701ea1a

  • SSDEEP

    98304:RXXO/G3+KDPHMNelEWoZqclpBq1JBKatE+vLcSPGkmBmdFmJQrers8+ui:dOe3hHUMEWoQef+KuE+zcOGkmBQFFB8y

Targets

  • Identifies VirtualBox via ACPI registry values (likely anti-VM)

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Themida packer

    Detects Themida, an advanced Windows software protection system.

  • Checks whether UAC is enabled

  • Suspicious use of NtSetInformationThreadHideFromDebugger
