Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d33a4094b5c98b7ad929b9f5ca969fddbc38b6d2d6149c201c740e3f74a62cf0.exe
-
Size
2.7MB
-
Sample
241121-kjr7kazqez
-
MD5
21880e624879ce6c9806ccac99d606b2
-
SHA1
d33c68d8d994f0a33d0753c8f65abcb6a2c2057e
-
SHA256
d33a4094b5c98b7ad929b9f5ca969fddbc38b6d2d6149c201c740e3f74a62cf0
-
SHA512
0234fe2eed884fa705a9313ff1f987bc6c9163d72781081afa1038a30badcbcd06002c94ab329d04c9e7264afff3318505e33839df0337638ab50ac1bd222ae2
-
SSDEEP
24576:VgU11BLg8J7p013oZpo/K27Fsm9FO7CAhSisMf3NJmqfnIubk9UZBVBRZjzQHvt:ZBs3KZpoS27Fmh0Mf3rYu2Mb
Malware Config
Targets
-
-
Target
d33a4094b5c98b7ad929b9f5ca969fddbc38b6d2d6149c201c740e3f74a62cf0.exe
-
Size
2.7MB
-
MD5
21880e624879ce6c9806ccac99d606b2
-
SHA1
d33c68d8d994f0a33d0753c8f65abcb6a2c2057e
-
SHA256
d33a4094b5c98b7ad929b9f5ca969fddbc38b6d2d6149c201c740e3f74a62cf0
-
SHA512
0234fe2eed884fa705a9313ff1f987bc6c9163d72781081afa1038a30badcbcd06002c94ab329d04c9e7264afff3318505e33839df0337638ab50ac1bd222ae2
-
SSDEEP
24576:VgU11BLg8J7p013oZpo/K27Fsm9FO7CAhSisMf3NJmqfnIubk9UZBVBRZjzQHvt:ZBs3KZpoS27Fmh0Mf3rYu2Mb
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Windows security modification
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2