General
Target: f6119b096eb08a1d383692337094dbd7ca54f0a537b6eaed84a889f34f78a2db
Size: 517KB
Sample: 221127-cadntabe56
MD5: a3268d6e62b2ea92eff6f68878d3e7e1
SHA1: 4f6e37134febc107839c9272f56a3e3bc2ab0782
SHA256: f6119b096eb08a1d383692337094dbd7ca54f0a537b6eaed84a889f34f78a2db
SHA512: a992575ac6f5caf5154f0e436f41dce665455195142c58617c401f7afe01ae6ee00e8ddc3b1d5763a8099513d30e95c461ee08a22cde2ccc2e1be970f8fc5310
SSDEEP: 12288:zXsVTt9r7V7qUu3hgemcwAWBL0/WtfD+of:rsVTt9rR03akyBtSof
Static task: static1
Behavioral task: behavioral1
Sample: f6119b096eb08a1d383692337094dbd7ca54f0a537b6eaed84a889f34f78a2db.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: f6119b096eb08a1d383692337094dbd7ca54f0a537b6eaed84a889f34f78a2db.exe
Resource: win10v2004-20220812-en
Targets
Score: 9/10
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Drops file in System32 directory