Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

9.exe

windows7_x64

10

9.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9.exe

  • Size

    35KB

  • Sample

    220224-21kx9adha2

  • MD5

    69c7b8274b687875a08b20311147a9dd

  • SHA1

    9ab047d53100e007c1ef89a0769a949d83d39367

  • SHA256

    87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae

  • SHA512

    fb13c89282524ec99e339d6d94d4fdb8f9e29d39fc72881937229737b7b90b1e3f27652f1e2c16975b08cdd70213dbc8fd092dc37e274dad0a2723dfbcbadd33

Score
10/10
buerloaderpersistence

Malware Config

Extracted

Family

buer

C2

https://free-soft.cc/

https://free-pc-soft.cc/

Targets

    • Target

      9.exe

    • Size

      35KB

    • MD5

      69c7b8274b687875a08b20311147a9dd

    • SHA1

      9ab047d53100e007c1ef89a0769a949d83d39367

    • SHA256

      87d4ae3570608110b899d582e238ddfff0c411be980adb48b1ba7177be2b14ae

    • SHA512

      fb13c89282524ec99e339d6d94d4fdb8f9e29d39fc72881937229737b7b90b1e3f27652f1e2c16975b08cdd70213dbc8fd092dc37e274dad0a2723dfbcbadd33

    Score
    10/10
    buerloaderpersistence

    • Buer

      Buer is a new modular loader first seen in August 2019.

      loaderbuer

    • Modifies WinLogon for persistence

      persistence

    • Buer Loader

      Detects Buer loader in memory or disk.

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks