Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

deluxe.rar

windows10-2004-x64

9

razor.dll

windows10-2004-x64

1

vt-private.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    deluxe.rar

  • Size

    6.1MB

  • Sample

    240930-x4dwwsvgjb

  • MD5

    34072e4db982f8884196c49b7b0a52d4

  • SHA1

    22131dc8521d1d65c5c914b9878411b3c8298c3f

  • SHA256

    357afe4db43e277cd3815e3e1d68236b3be3881ac2f45fdf2d6fe22009303654

  • SHA512

    c1323dd0dde8c6ad4529b0ffa661514e9246eab0d787047ae43c9251e5d349a7ccba888c4d2fa242922e65b9abe20d2bf8f62e41c515a2c0e3095b28ecaac139

  • SSDEEP

    196608:L1dTMi4yLqasIwJV6vEn+NO3eNiwzCAnKxCC1:L1N7LqB+NtTkYC1

Score
9/10
discoveryevasion

Malware Config

Targets

    • Target

      deluxe.rar

    • Size

      6.1MB

    • MD5

      34072e4db982f8884196c49b7b0a52d4

    • SHA1

      22131dc8521d1d65c5c914b9878411b3c8298c3f

    • SHA256

      357afe4db43e277cd3815e3e1d68236b3be3881ac2f45fdf2d6fe22009303654

    • SHA512

      c1323dd0dde8c6ad4529b0ffa661514e9246eab0d787047ae43c9251e5d349a7ccba888c4d2fa242922e65b9abe20d2bf8f62e41c515a2c0e3095b28ecaac139

    • SSDEEP

      196608:L1dTMi4yLqasIwJV6vEn+NO3eNiwzCAnKxCC1:L1N7LqB+NtTkYC1

    Score
    9/10
    discoveryevasion

    • Looks for VirtualBox Guest Additions in registry

      evasion

    • Looks for VMWare Tools registry key

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1

    • Target

      razor.dll

    • Size

      16KB

    • MD5

      578b2b4e1952b8c77272cb16356364d1

    • SHA1

      e37b9bec37bc79eab5e2a2c9df9ebc1f05f33483

    • SHA256

      a484a6f81ede0fa55f10d8a4e74b62d850925aefbd623c19af7c532df166c386

    • SHA512

      d0d0de4c7d20e031517e3f52f077dd82415ed75904f8a9bc8576cb783b1fdca5d18aa88a0acfb3011dfa90d710c7a9d6ca0d4e5484669149cd5f6eaadd4f16f1

    • SSDEEP

      192:hvZC55a92AlxDI6pJjhnjF8cQA+EZrd0lOtxw0/z0iDCCwJ:h8G92SI2tBjj5+SraAr70NCwJ

    Score
    1/10
    behavioral2

    • Target

      vt-private.exe

    • Size

      6.7MB

    • MD5

      cae02f0f4b3c24d1b6cd08fc2e66f79d

    • SHA1

      c1b71f6c94b6c94f20e89ec776c3db0db61300c3

    • SHA256

      e6a2f2d04125886c38d5dd310e10188f3e06e7c6c0bb147bedf752dc7b7966c3

    • SHA512

      0deed9a9ce2c9be94f68c1ea03c2d1604c689dc905d84df6ebf5a452b1efb8cdf0cac96fb68268b23f2785dac6d27f89c398f97365ae2c1e395b1e8565a52265

    • SSDEEP

      98304:Go/LmXvLJSz5yiU6/t3uHRfYHexIuCn74D60uStSEboM0tv7L3wXKuX:iLiyiU6/t3ux+e+QG0uvphtzLAH

    Score
    9/10
    evasion

    • Looks for VirtualBox Guest Additions in registry

      evasion

    • Looks for VMWare Tools registry key

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral3

MITRE ATT&CK Enterprise v15

Tasks