Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Trixx_Spoofer_protected (1).exe
-
Size
3.5MB
-
Sample
240806-gw38ta1fnl
-
MD5
1ebe588f34203da1d42e36a7aa7e5cd1
-
SHA1
5ed14541f50df5106c77dddf22326092c9d1c23f
-
SHA256
a93a40597266db70576237aeb0f944358a5988ce0bd4799d2f9438ace11bbc48
-
SHA512
2e867970d8d4e5f1ee17321f8e3f2dfc5e4e901ed859d40082e19ff8684f8ce1eb1537055cf70b36b294fecb0a2ba26af33687cd14d6ff0f99975d9f6cceadc8
-
SSDEEP
98304:MWzu1SEzVBy7IRcEU9+CjJ3BCsNy3Ab/EqEVgtDQ:MRj7ywg++Rdg3ArEqEg2
Behavioral task
behavioral1
Sample
Trixx_Spoofer_protected (1).exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
Trixx_Spoofer_protected (1).exe
-
Size
3.5MB
-
MD5
1ebe588f34203da1d42e36a7aa7e5cd1
-
SHA1
5ed14541f50df5106c77dddf22326092c9d1c23f
-
SHA256
a93a40597266db70576237aeb0f944358a5988ce0bd4799d2f9438ace11bbc48
-
SHA512
2e867970d8d4e5f1ee17321f8e3f2dfc5e4e901ed859d40082e19ff8684f8ce1eb1537055cf70b36b294fecb0a2ba26af33687cd14d6ff0f99975d9f6cceadc8
-
SSDEEP
98304:MWzu1SEzVBy7IRcEU9+CjJ3BCsNy3Ab/EqEVgtDQ:MRj7ywg++Rdg3ArEqEg2
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-