General

  • Target

    Magic.exe

  • Size

    5.2MB

  • Sample

    240819-yd2eyawekp

  • MD5

    12d40451b3de937fc0ad72cc141c5d22

  • SHA1

    51aca7369fb2684738b767cda80f38676b425510

  • SHA256

    532460e71a459573ab18ac3b844649dfbcf494e4f9f16303f2808bedefe47de1

  • SHA512

    e57c9c8b8cced5eefbb5bd9f0c22852278798cda68c0212cd4d3fb0840add659e9b90bcd71f6e1f5aef8c619561c101af76073c69cd4e7c00e31a9aa32cfb736

  • SSDEEP

    98304:aUz4SWLJwYVNlD6eqeLv9xhD/tTKb6+4xh8uRrjGeJw+7ywQnr6Nah5oCwcl0mN/:Dz4RFhHlDUqhB+4nhceJwsc6Nc5oCjll

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks