General
-
Target
weave.exe
-
Size
3.1MB
-
Sample
240907-ec96xatdne
-
MD5
a1b6a96519aaa206ac30aad7088e3242
-
SHA1
04bf79e8c40f4cda2a4b345ef1467e159bdb0fae
-
SHA256
7dd55d5932f394089ef875e89fb0c92edfa507ce096715e4928e08a0001079cd
-
SHA512
430fa2394e0a338f0fdb9efd6ce14ccab6ed4d0367e2ac58becef37a0f78b9d0675a33f6e7234fe76df29b39e7a16cfc097c89b3c78d5224ae669d928b11e086
-
SSDEEP
98304:dV5Cx40FHvu+ST0sI0aT7qrloC3Y2dSB6rWo4Bud5:FM40FGtAjrT7kloC3Y24ri
Behavioral task
behavioral1
Sample
weave.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
weave.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
weave.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
weave.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-