General
-
Target
2024-08-26_dcc68b6c2cec13406c1cdd0e5f8cd9e3_mafia
-
Size
6.6MB
-
Sample
240826-kla13awgkq
-
MD5
dcc68b6c2cec13406c1cdd0e5f8cd9e3
-
SHA1
d41072cbfd3cb1ba48d67ff238368729d5ba6ca1
-
SHA256
e88822a680d16042ddf11c0eba10a07038a05ee0735fe4e9a3b0f22694e46b96
-
SHA512
b41d1cbae5cab11c6557efd88d4e83848f5b2d0c862480b21740594d8124014c571a624fa3b4ce172fe5973270cee1b89f04a71df091549c1fb65587ef18af20
-
SSDEEP
196608:na0vvN3x9OLIiOK8A+zZdCj85rbz0lHU3zOtlo:VN3+LY2inz0MzOro
Static task
static1
Behavioral task
behavioral1
Sample
2024-08-26_dcc68b6c2cec13406c1cdd0e5f8cd9e3_mafia.exe
Resource
win7-20240705-en
Malware Config
Targets
Target
2024-08-26_dcc68b6c2cec13406c1cdd0e5f8cd9e3_mafia
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-