Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    ChGU5RnFz8dRwXkW.exe

  • Size

    3.8MB

  • Sample

    241014-vxs15awgqh

  • MD5

    304b06be0d224a3701ef8a6566f990c9

  • SHA1

    37dc9c23b41b7d1095669e9e79590239cbb77a4e

  • SHA256

    e278b0488f81f2e9f3cb45e6d11f480f0123424d729a9252ad26b31f13c729ef

  • SHA512

    d1e7e3477c16aa35b09b6555783fc1c8f7005226ab9037eb46aad7bcf70a97b496ac816ff8fb64ed5df0bfc7f8454b4ad41e070c59bcacb5c0d3150d5a80060a

  • SSDEEP

    49152:GgbjC6wsE/Plh5l5Q8rjKSh4Z31W19oDeLuXE9lmQHkcflkWQdIhf3T9QPMIfCbZ:GgPT6lE8KShQ1W7B9tJ2L2hf3TmfEuXc

Malware Config

Targets

    • Target

      ChGU5RnFz8dRwXkW.exe

    • Size

      3.8MB

    • MD5

      304b06be0d224a3701ef8a6566f990c9

    • SHA1

      37dc9c23b41b7d1095669e9e79590239cbb77a4e

    • SHA256

      e278b0488f81f2e9f3cb45e6d11f480f0123424d729a9252ad26b31f13c729ef

    • SHA512

      d1e7e3477c16aa35b09b6555783fc1c8f7005226ab9037eb46aad7bcf70a97b496ac816ff8fb64ed5df0bfc7f8454b4ad41e070c59bcacb5c0d3150d5a80060a

    • SSDEEP

      49152:GgbjC6wsE/Plh5l5Q8rjKSh4Z31W19oDeLuXE9lmQHkcflkWQdIhf3T9QPMIfCbZ:GgPT6lE8KShQ1W7B9tJ2L2hf3TmfEuXc

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks