Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2eafb6bf9dddfb1449a3a2731a9d7eb31446c80be1b02b7e95082c72158042f8
-
Size
3.3MB
-
Sample
240913-hshndazfln
-
MD5
734edb8a35204d2bbd8d9fdfda4eac9e
-
SHA1
98d4bd06bc39b588deccdf23f5d703bba8441cd6
-
SHA256
2eafb6bf9dddfb1449a3a2731a9d7eb31446c80be1b02b7e95082c72158042f8
-
SHA512
ba4fd16bf904983b06a1e6e7c56cced1533a66833817a2dd29b3329d2df64180e3d26482bfed7249af0ab6d0f2180cc35a275b353eb723a78ea9818e6c306952
-
SSDEEP
98304:T4Vqe+qz5WUjIq4AzZULdYem4MsveZ8Xk:10xWdYeTMC1
Behavioral task
behavioral1
Sample
2eafb6bf9dddfb1449a3a2731a9d7eb31446c80be1b02b7e95082c72158042f8.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
2eafb6bf9dddfb1449a3a2731a9d7eb31446c80be1b02b7e95082c72158042f8
-
Size
3.3MB
-
MD5
734edb8a35204d2bbd8d9fdfda4eac9e
-
SHA1
98d4bd06bc39b588deccdf23f5d703bba8441cd6
-
SHA256
2eafb6bf9dddfb1449a3a2731a9d7eb31446c80be1b02b7e95082c72158042f8
-
SHA512
ba4fd16bf904983b06a1e6e7c56cced1533a66833817a2dd29b3329d2df64180e3d26482bfed7249af0ab6d0f2180cc35a275b353eb723a78ea9818e6c306952
-
SSDEEP
98304:T4Vqe+qz5WUjIq4AzZULdYem4MsveZ8Xk:10xWdYeTMC1
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-