Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

craftrise-x64.exe

windows11-21h2-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    craftrise-x64.exe

  • Size

    15.2MB

  • Sample

    240802-sjqyhateqd

  • MD5

    3982ed9cde49aa9f32f50204c5f22c80

  • SHA1

    c9097e710fa660598b0ad93a2ec8f6b2e5ed077d

  • SHA256

    285f0acb1aa2cc58e7a509df3234ae8fb950d6942b1782050f4a62b405446cf1

  • SHA512

    70547254fd7619d97e6cff8b331fddcccb9eca45e0b3ba04158a8925864e26efe0bc10a282bdfb8dad21b65288c785b1b3c003e3dc2fc4a7299293d46f99dfe2

  • SSDEEP

    393216:T454ItsLe/L+RNYzj8bahTFYxTTxSL8XW5YNNCbimY:To4csLeDkNYnWEYxfzXW5VY

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      craftrise-x64.exe

    • Size

      15.2MB

    • MD5

      3982ed9cde49aa9f32f50204c5f22c80

    • SHA1

      c9097e710fa660598b0ad93a2ec8f6b2e5ed077d

    • SHA256

      285f0acb1aa2cc58e7a509df3234ae8fb950d6942b1782050f4a62b405446cf1

    • SHA512

      70547254fd7619d97e6cff8b331fddcccb9eca45e0b3ba04158a8925864e26efe0bc10a282bdfb8dad21b65288c785b1b3c003e3dc2fc4a7299293d46f99dfe2

    • SSDEEP

      393216:T454ItsLe/L+RNYzj8bahTFYxTTxSL8XW5YNNCbimY:To4csLeDkNYnWEYxfzXW5VY

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks