b7250785bbcb7676b32f4d0dbca4bfb1ed4e0f84ad28a2bbac10b4c695cb5f48 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

b7250785bb...48.exe

windows7-x64

8

b7250785bb...48.exe

windows10-2004-x64

8

Sharing

General

Target

b7250785bbcb7676b32f4d0dbca4bfb1ed4e0f84ad28a2bbac10b4c695cb5f48
Size

809KB
Sample

221127-sj843sbd4v
MD5

9fa89d305d099f16e1fc13048efa6e98
SHA1

3dca0f3ffe53c3a90d33d10ee9656407587b625f
SHA256

b7250785bbcb7676b32f4d0dbca4bfb1ed4e0f84ad28a2bbac10b4c695cb5f48
SHA512

5a7493cc56b634fea0d82c6cdaa0d88d51a77aa850e99a9494043df2bc06dfe55ab57913e038b1ad04330ec94aa1cae86dc412d504bec38c57f849a6c9527760
SSDEEP

24576:n2Qoqtcz49Sznsb9q0wK6e9D08IxDL+dznt9103yv:lb849UnsJvzJnOnizntU3

Score

8^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

b7250785bbcb7676b32f4d0dbca4bfb1ed4e0f84ad28a2bbac10b4c695cb5f48.exe

Resource

win7-20221111-en

bootkit persistence

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7250785bbcb7676b32f4d0dbca4bfb1ed4e0f84ad28a2bbac10b4c695cb5f48.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  b7250785bbcb7676b32f4d0dbca4bfb1ed4e0f84ad28a2bbac10b4c695cb5f48
- Size
  
  809KB
- MD5
  
  9fa89d305d099f16e1fc13048efa6e98
- SHA1
  
  3dca0f3ffe53c3a90d33d10ee9656407587b625f
- SHA256
  
  b7250785bbcb7676b32f4d0dbca4bfb1ed4e0f84ad28a2bbac10b4c695cb5f48
- SHA512
  
  5a7493cc56b634fea0d82c6cdaa0d88d51a77aa850e99a9494043df2bc06dfe55ab57913e038b1ad04330ec94aa1cae86dc412d504bec38c57f849a6c9527760
- SSDEEP
  
  24576:n2Qoqtcz49Sznsb9q0wK6e9D08IxDL+dznt9103yv:lb849UnsJvzJnOnizntU3
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2025

Terms | Privacy