General

  • Target

    818579676ecd03508dac62b1ba27672e4746d55a54f59232747a64e63f5d9175

  • Size

    547KB

  • Sample

    221125-v8k5naga7z

  • MD5

    b5306f9e7196d83c64e56d9a54841783

  • SHA1

    db8eb82026b7f31149c329ff6e1ad41203e39ec9

  • SHA256

    818579676ecd03508dac62b1ba27672e4746d55a54f59232747a64e63f5d9175

  • SHA512

    ad8626ef2dba3d8c200f5e4c63394236a97c8b9675e0a5bfa1d088a7df71e9cd2932a12ae0186d1f60912059e2ded5da225439024ada90ddb7128b3054a11849

  • SSDEEP

    12288:HxxizHGb9/xKCN54u+7p/q331uH89JF771E0QpT7deYitg51Pfdjnzd:Rxizmd4inUH89DX1pyJriadjB

Malware Config

Targets

    • Target

      cdangel_hyd.exe

    • Size

      1.6MB

    • MD5

      b0c729aadf6f144668355d565851cf79

    • SHA1

      2bf15e2f045652fca4d0dd8228187cb75655b81b

    • SHA256

      6ba31cbeb9fce22e449f1ba9a46b68c3f4a2597b33c022e67d0993dd37baf144

    • SHA512

      f748429b9cd4c3a54dab785e367e131854b041bf63bb9e97a552d0434bf94d553f017b58db3e59792e796cbe01bb7311db0a5db152dd145a086a57f38b299606

    • SSDEEP

      24576:clESBu0W2SZDKB4I88WVWcz/Tq6i6W88g/PQG/KD3T9t0kjYTY1G3i:c6UdWJ/Ta6H7HL/O3NJ

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
