Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    4fc8a0c9259d49d1d459f9a607daed77539323d10207e6585b01f2be1b04e4b4

  • Size

    6.5MB

  • Sample

    240817-ak4lwayhlr

  • MD5

    22d9579b004ca74d5474dbcc945b05ee

  • SHA1

    8a4ce174f7fc979c301dec1039d8c7b8206ba5c2

  • SHA256

    4fc8a0c9259d49d1d459f9a607daed77539323d10207e6585b01f2be1b04e4b4

  • SHA512

    01c6925cf9e736fb7d161a9d00be042f50fec4b4e2f1a1071db51e30b22dc026f6fbd858c12193c82fba5add859c0ae3d339e3f866de5f00f245f67ab1131150

  • SSDEEP

    98304:0RU8h0WGyP71ObrnEyz/42+n0PoJqW2ZSGi6i:0RUMAEj2+n0PoJtN6i

Malware Config

Targets

    • Target

      4fc8a0c9259d49d1d459f9a607daed77539323d10207e6585b01f2be1b04e4b4

    • Size

      6.5MB

    • MD5

      22d9579b004ca74d5474dbcc945b05ee

    • SHA1

      8a4ce174f7fc979c301dec1039d8c7b8206ba5c2

    • SHA256

      4fc8a0c9259d49d1d459f9a607daed77539323d10207e6585b01f2be1b04e4b4

    • SHA512

      01c6925cf9e736fb7d161a9d00be042f50fec4b4e2f1a1071db51e30b22dc026f6fbd858c12193c82fba5add859c0ae3d339e3f866de5f00f245f67ab1131150

    • SSDEEP

      98304:0RU8h0WGyP71ObrnEyz/42+n0PoJqW2ZSGi6i:0RUMAEj2+n0PoJtN6i

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks