General
Target
b90d12e54c149a9b15e95761ba99920b5587e675ad36651837ecc8f75dbdf090
Size
14.4MB
Sample
240809-fpkx8axblj
MD5
09ba58f675e9afda6d0d167a07a1dc6e
SHA1
54295cc2221cc4226785dae11bed4da9ca7a5686
SHA256
b90d12e54c149a9b15e95761ba99920b5587e675ad36651837ecc8f75dbdf090
SHA512
ee0107801a1cbc39657bb28b9e8c3295192aa2dd720fad3332bdf48079bd25cdfb569751ef069ab9ea5d4232e73cabe89799439806d0d59ebf85b2a3bea8adf2
SSDEEP
393216:QsDW1Lps9BPD+oJg3PjTJC1H5UfWSt/WS3402w:QsKlpEtSoJaPj94C/WR0H
Static task
static1
Behavioral task
behavioral1
Sample
b90d12e54c149a9b15e95761ba99920b5587e675ad36651837ecc8f75dbdf090.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b90d12e54c149a9b15e95761ba99920b5587e675ad36651837ecc8f75dbdf090.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Suspicious use of NtSetInformationThreadHideFromDebugger