Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

plague.dll

windows7-x64

9

plague.dll

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    plague.dll

  • Size

    7.3MB

  • Sample

    240928-1n5apazhpc

  • MD5

    5d177316057ec58d89fddf79086a3537

  • SHA1

    61d44161638d588a85ffaec513c4649f2c5cace7

  • SHA256

    5584d5f832cef25230c455f694ede3441a296212fa0f9fcc44dabc5ea19b729f

  • SHA512

    4546a716349a54d74ccde2fcd8c793c8c00a1b2751271cab46afc17b5a0bc93db90307c8670546dc8420dfd195f89137dfa36c132029e5842170d0f16c801dc8

  • SSDEEP

    196608:rce4jVTcMkxmCJ+EyooJspcNjJ00XkPeQbLq34:c5gJoecNjGekHbt

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      plague.dll

    • Size

      7.3MB

    • MD5

      5d177316057ec58d89fddf79086a3537

    • SHA1

      61d44161638d588a85ffaec513c4649f2c5cace7

    • SHA256

      5584d5f832cef25230c455f694ede3441a296212fa0f9fcc44dabc5ea19b729f

    • SHA512

      4546a716349a54d74ccde2fcd8c793c8c00a1b2751271cab46afc17b5a0bc93db90307c8670546dc8420dfd195f89137dfa36c132029e5842170d0f16c801dc8

    • SSDEEP

      196608:rce4jVTcMkxmCJ+EyooJspcNjJ00XkPeQbLq34:c5gJoecNjGekHbt

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks