General
-
Target
77f3c811d457b9cd9d60718f6df48043.bin
-
Size
1.6MB
-
Sample
241018-byqslsydjh
-
MD5
2e3fa76f5829e60e7a2d476a94fab96d
-
SHA1
e54f0f3850e9d951f9aa0e3f91a059549cd6f1d6
-
SHA256
5e6947e488aaf500722c59f8c7d7c5062b10a5409515f8414065cb9e4ae61047
-
SHA512
03605b6a1c864a3dbc8bb25dcf68bd172e889c35df42c529cc470e4656a5865c89b4383eec469c6788ce308cc8bb44f58485dbf0be51ec23ba08f8de0bfffa9c
-
SSDEEP
49152:+4wOHyOOy/u/Q48BU3ruLZP5BuiYdU4wdtrSauAy7I:5mOOvL3yLFumNyauc
Static task
static1
Behavioral task
behavioral1
Sample
9617ea9b776a3c294f2adffa1d3e2953cfbf301a03ad02c0568897e9e0e61968.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
9617ea9b776a3c294f2adffa1d3e2953cfbf301a03ad02c0568897e9e0e61968.exe
-
Size
1.7MB
-
MD5
77f3c811d457b9cd9d60718f6df48043
-
SHA1
2bd157c850a5e51cc91ed5ea7cb6a826d700c347
-
SHA256
9617ea9b776a3c294f2adffa1d3e2953cfbf301a03ad02c0568897e9e0e61968
-
SHA512
784f0a4a36bbb2df7a10a057594ce9f8d20cbacf11ed434d05e5f7c046be65b389914712579b0f56b157fc6e983a18d46e1b0ea3b83aabba2e6db780c682d759
-
SSDEEP
49152:jbsu3vazsgdM3Imur/HHecoYZ5zZhDx0H:vvuF8fuzHEEzZU
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses (2)
Disable or Modify Tools (2)
Modify Registry (2)
Virtualization/Sandbox Evasion (2)