General
Target: craftrise-x64.exe
Size: 15.2MB
Sample: 240802-sjqyhateqd
MD5: 3982ed9cde49aa9f32f50204c5f22c80
SHA1: c9097e710fa660598b0ad93a2ec8f6b2e5ed077d
SHA256: 285f0acb1aa2cc58e7a509df3234ae8fb950d6942b1782050f4a62b405446cf1
SHA512: 70547254fd7619d97e6cff8b331fddcccb9eca45e0b3ba04158a8925864e26efe0bc10a282bdfb8dad21b65288c785b1b3c003e3dc2fc4a7299293d46f99dfe2
SSDEEP: 393216:T454ItsLe/L+RNYzj8bahTFYxTTxSL8XW5YNNCbimY:To4csLeDkNYnWEYxfzXW5VY
Malware Config
Targets
Target: craftrise-x64.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger