General
-
Target
cheat.exe
-
Size
4.1MB
-
Sample
240903-k5439atfma
-
MD5
6fd0a6bde1c7f98b42f85def867dc08f
-
SHA1
b33ee3eb5bdcfbc0cf8bdc83401a214f3bfb7ddf
-
SHA256
b4c194f60941fa1394b3729ff1a14ca5fd58c1d732ca4a63df73617ce8a58408
-
SHA512
db43200848a57369d630396f0cb0c1e95f9f9092cbaee10757bfa9a9a9736547c518e47703637af2f36615936e6b1b369a9fd285d1456e7815f4ffbf40064fcd
-
SSDEEP
98304:YfQ/pXCIFNOtlshviBmNUgMKM2fL96+zR55j664OHzkw6W:6QzMtlshvim/VLo8S6CW
Behavioral task
behavioral1
Sample
cheat.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cheat.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
cheat.exe
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Sets service image path in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-