General
Target: 66dfcfc986c4df1907e40c74d4c0e5d7c4b1c5691601344ab2285680af7e063c.exe
Size: 1.8MB
Sample: 241013-hd8w1sxgqk
MD5: c6779f62078eb895e8aa118717b62ed9
SHA1: f7902cacb621c59e8d026f0f2b7cad231a20dd26
SHA256: 66dfcfc986c4df1907e40c74d4c0e5d7c4b1c5691601344ab2285680af7e063c
SHA512: 77839fd07b9082a2c2cb966fdb2e455641f72d5bdcd1eb4affe971b9e8f721c126e6ff55b4110fc25fd45b8877621de00af071d1f90621d3421dea276a834332
SSDEEP: 49152:k6b5m+XIbIdcQ7VfSUkHJHFbb+rq7v5mida7Q:k65IEdh7Y3pFbmq7v5xS
Static task: static1
Behavioral task: behavioral1
Sample: 66dfcfc986c4df1907e40c74d4c0e5d7c4b1c5691601344ab2285680af7e063c.exe
Resource: win7-20240903-en
Malware Config
Extracted: stealc
doma: http://185.215.113.37
url_path: /e2b1563c6670f193.php
Targets
Target: 66dfcfc986c4df1907e40c74d4c0e5d7c4b1c5691601344ab2285680af7e063c.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger