General
-
Target
f058f5aaeabf13db0fd82837a40819ce6bc61b68bc2801878f77faae0694623e.exe
-
Size
3.0MB
-
Sample
240726-hms7xswcnd
-
MD5
2066b414de225c9f5423bbfc774a389c
-
SHA1
603b82dfb2f61dfc658637847a6eb7157601022b
-
SHA256
f058f5aaeabf13db0fd82837a40819ce6bc61b68bc2801878f77faae0694623e
-
SHA512
1f4ae6bc01254d0c551525ee87d3f680d5a97d08d8931799cda3a6c2bb4efd15686dc4ccd0062c23926249d54ed5de0149df7c386bc564e8be252a2cdaf73302
-
SSDEEP
49152:SaLQFiYDBA6UmeuxMKsLipOndP/UsfmztJYAfbPrev5y0svGYUFX5IVDuoDMOr8:SaYiy6TuxvsLgyMOmztCAfn8yN+JpK5P
Static task
static1
Behavioral task
behavioral1
Sample
f058f5aaeabf13db0fd82837a40819ce6bc61b68bc2801878f77faae0694623e.exe
Resource
win7-20240708-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-