Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    2.7MB

  • Sample

    241121-cv98hsxekd

  • MD5

    dd4838b2c7c89b5d5130f5bc7168809b

  • SHA1

    38ca577f79ffd22928874b9c74552027a7fce330

  • SHA256

    628693042f7cc6900f9b14c58b3d18499ff7fedf05335b7a81774db4bd5f23db

  • SHA512

    b56ffe826dd7a4bd43aafd402c139d930d3ffae5c2813de960d1d6544ee1d8d96b89e38728f4c4df024c0a38f60a730e1ab5b1d73a548fdac5f78f7164e004e3

  • SSDEEP

    49152:9HZJ/zBwDIyhmlt6brjR4wvMH3v2IV+CnF:hP/zikywltmW6MH3vlT

Score
10/10
discoveryevasiontrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      2.7MB

    • MD5

      dd4838b2c7c89b5d5130f5bc7168809b

    • SHA1

      38ca577f79ffd22928874b9c74552027a7fce330

    • SHA256

      628693042f7cc6900f9b14c58b3d18499ff7fedf05335b7a81774db4bd5f23db

    • SHA512

      b56ffe826dd7a4bd43aafd402c139d930d3ffae5c2813de960d1d6544ee1d8d96b89e38728f4c4df024c0a38f60a730e1ab5b1d73a548fdac5f78f7164e004e3

    • SSDEEP

      49152:9HZJ/zBwDIyhmlt6brjR4wvMH3v2IV+CnF:hP/zikywltmW6MH3vlT

    Score
    10/10
    discoveryevasiontrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Windows security modification

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.