General
Target: Zukigiunlocker.exe
Size: 9.3MB
Sample: 240928-rk5bvasfma
MD5: 483c79ecb7978584e4a025d801aa27e2
SHA1: 50394f5b488ec1f045f8eedbbe38d1222d5eb6f5
SHA256: 9d1f327a29485d68c0c288e449c0e3bd2634b78dac886775b84912c220e85c06
SHA512: f7c8a884f23ec42a25551e874fa7568e7aa0e074b7816d42a585d37ea11a2883a9cf19fb82552a40446daafebad26be56ddc03223de27ad8b1f72a20fcfe1718
SSDEEP: 196608:iKIOsVbOk+0rasQ64lhPgh9QpxeQlEorvAI5YDTi8J4yn4:oxxOH0rVf4LPgXforYISiE4j
Static task: static1
Behavioral task: behavioral1
Sample: Zukigiunlocker.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: Zukigiunlocker.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Looks for VirtualBox Guest Additions in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger