General
Target: Magic.exe
Size: 5.2MB
Sample: 240819-yd2eyawekp
MD5: 12d40451b3de937fc0ad72cc141c5d22
SHA1: 51aca7369fb2684738b767cda80f38676b425510
SHA256: 532460e71a459573ab18ac3b844649dfbcf494e4f9f16303f2808bedefe47de1
SHA512: e57c9c8b8cced5eefbb5bd9f0c22852278798cda68c0212cd4d3fb0840add659e9b90bcd71f6e1f5aef8c619561c101af76073c69cd4e7c00e31a9aa32cfb736
SSDEEP: 98304:aUz4SWLJwYVNlD6eqeLv9xhD/tTKb6+4xh8uRrjGeJw+7ywQnr6Nah5oCwcl0mN/:Dz4RFhHlDUqhB+4nhceJwsc6Nc5oCjll
Malware Config
Targets
-
-
Target
Magic.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-