a82c686b030967025f09b72055a13c2f577c071c8a44ccb74717f2c2c0781b72 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

a82c686b03...72.exe

windows7-x64

9

a82c686b03...72.exe

windows10-2004-x64

9

Sharing

General

Target

a82c686b030967025f09b72055a13c2f577c071c8a44ccb74717f2c2c0781b72
Size

1.4MB
Sample

221125-1l79kaha52
MD5

22ef8f330567e4805ecce0cd429dae6c
SHA1

fbc835d9e9d9c8cc178fb1c1630cf68b3a13ef6a
SHA256

a82c686b030967025f09b72055a13c2f577c071c8a44ccb74717f2c2c0781b72
SHA512

7d060f0def041b6d1ac0e8839dc6322df3a51391c5554b494628f1dace15c3b14ee14519c08f7e2ab893495953cd28c25578e07786db24e07adca99b3e829029
SSDEEP

24576:+qjc/gJHnHDA2X6sduPAX33ktL63voPglGpVS2pJCiS/6fGpgvwM2G34:+qN8sp3kioPjpHwFCebX

Score

9^/10

bootkit persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

a82c686b030967025f09b72055a13c2f577c071c8a44ccb74717f2c2c0781b72.exe

Resource

win7-20220812-en

bootkit persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a82c686b030967025f09b72055a13c2f577c071c8a44ccb74717f2c2c0781b72.exe

Resource

win10v2004-20220812-en

bootkit persistence upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a82c686b030967025f09b72055a13c2f577c071c8a44ccb74717f2c2c0781b72
- Size
  
  1.4MB
- MD5
  
  22ef8f330567e4805ecce0cd429dae6c
- SHA1
  
  fbc835d9e9d9c8cc178fb1c1630cf68b3a13ef6a
- SHA256
  
  a82c686b030967025f09b72055a13c2f577c071c8a44ccb74717f2c2c0781b72
- SHA512
  
  7d060f0def041b6d1ac0e8839dc6322df3a51391c5554b494628f1dace15c3b14ee14519c08f7e2ab893495953cd28c25578e07786db24e07adca99b3e829029
- SSDEEP
  
  24576:+qjc/gJHnHDA2X6sduPAX33ktL63voPglGpVS2pJCiS/6fGpgvwM2G34:+qN8sp3kioPjpHwFCebX
Score

9^/10

bootkit persistence upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.