General
-
Target
8fa39294fdb557ded34fd2364b49a75dd1195983c4b2e1dfc8343e696d8e9302
-
Size
3.3MB
-
Sample
240818-3c54ys1amf
-
MD5
f7cfdb674df05992c5c7de2779c455d9
-
SHA1
ee537d50e9c6d72983311d717428f761adb79072
-
SHA256
8fa39294fdb557ded34fd2364b49a75dd1195983c4b2e1dfc8343e696d8e9302
-
SHA512
3d6fa1152d1efe44f62ba41cd8a7bf7c492498ef4c60460df427defb5b1efa537a816a4497d76e4fb2348089fbf889c172af0d177a35403d4be578663ea878ce
-
SSDEEP
98304:W1GO/iat+Z5EUvQA/L4QzGJX+TnSEwTbeSMqfI:W8OKatQEYQ8jqXWnyTvfI
Behavioral task
behavioral1
Sample
8fa39294fdb557ded34fd2364b49a75dd1195983c4b2e1dfc8343e696d8e9302.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8fa39294fdb557ded34fd2364b49a75dd1195983c4b2e1dfc8343e696d8e9302.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
metasploit_stager
192.168.40.128:9999
Targets
-
-
Target
8fa39294fdb557ded34fd2364b49a75dd1195983c4b2e1dfc8343e696d8e9302
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-