General
Target: 4fc8a0c9259d49d1d459f9a607daed77539323d10207e6585b01f2be1b04e4b4
Size: 6.5MB
Sample: 240817-ak4lwayhlr
MD5: 22d9579b004ca74d5474dbcc945b05ee
SHA1: 8a4ce174f7fc979c301dec1039d8c7b8206ba5c2
SHA256: 4fc8a0c9259d49d1d459f9a607daed77539323d10207e6585b01f2be1b04e4b4
SHA512: 01c6925cf9e736fb7d161a9d00be042f50fec4b4e2f1a1071db51e30b22dc026f6fbd858c12193c82fba5add859c0ae3d339e3f866de5f00f245f67ab1131150
SSDEEP: 98304:0RU8h0WGyP71ObrnEyz/42+n0PoJqW2ZSGi6i:0RUMAEj2+n0PoJtN6i

Behavioral task: behavioral1
Sample: 4fc8a0c9259d49d1d459f9a607daed77539323d10207e6585b01f2be1b04e4b4.exe
Resource: win7-20240708-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger