Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Poliwica64.exe
-
Size
4.1MB
-
Sample
241130-fqy68stnfv
-
MD5
cd8b29f6a2df18ca73301c974c592d01
-
SHA1
e92094fab6e05eababa66e1cb2fa1ba4f60a0ad7
-
SHA256
56725739b3f85b74fcad839107ae620647521837cb2c2601ebd0cad2d7e65567
-
SHA512
bd6a714da0a672091d4e4d5eef3c55625203c7bd2c69053763713b7fc56b539586d0c279539258fdfc95b60cbb0101a776598376e6802d26835337cdccbbe9cd
-
SSDEEP
98304:EgkS4oqb/YBbt3GUCFpUivk5xZx0qa1rb:DkS4MGlnUj55ba1rb
Behavioral task
behavioral1
Sample
Poliwica64.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
Poliwica64.exe
-
Size
4.1MB
-
MD5
cd8b29f6a2df18ca73301c974c592d01
-
SHA1
e92094fab6e05eababa66e1cb2fa1ba4f60a0ad7
-
SHA256
56725739b3f85b74fcad839107ae620647521837cb2c2601ebd0cad2d7e65567
-
SHA512
bd6a714da0a672091d4e4d5eef3c55625203c7bd2c69053763713b7fc56b539586d0c279539258fdfc95b60cbb0101a776598376e6802d26835337cdccbbe9cd
-
SSDEEP
98304:EgkS4oqb/YBbt3GUCFpUivk5xZx0qa1rb:DkS4MGlnUj55ba1rb
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-