General
Target: 3.2.5_protected.exe
Size: 4.6MB
Sample: 240930-zgz7qathqq
MD5: 745ec5c98a6ad15d28d86fb1bfcba633
SHA1: 88796dd0bb9292c06ecf10300855c7113e51cda1
SHA256: ec6b6962c9f928398fbb568907df16bee8d54fe50f62a6ab6414a31b28b042fb
SHA512: 159a5c81773629ac775f8b68cf7930ea6c0c885ec32d2e67bb557b8a6924018d06b05434b8e0b8dca56ad7327586b54d67eb9ad0a02a70ecf0dfe3c2cf604618
SSDEEP: 98304:ELvqHMnmk9icnr5iElJmfC9Llghv4qJlKYqhMiEw/BTdMkoMBUs9vqfuN:xs1VnN7Dt03JcEwpTdISx17N
Behavioral task: behavioral1
Sample: 3.2.5_protected.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 3.2.5_protected.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger