To my knowledge, some malware running inside Whonix Workstation could query at least your CPU model, your keyboard layout and your dom0 timezone.
Here’s a sneak peek what I wrote, but I recommend reading that whole thread.
1 Like