Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8487a96fb0...f8.exe

windows7-x64

10

8487a96fb0...f8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8487a96fb05cbe05604bb5c3aadc44a5f8f66df2e10c4fe602bf97b50505a8f8

  • Size

    640KB

  • Sample

    221202-zel73sff7w

  • MD5

    f4c4fc3857150ed0ba3868dfa0e54ded

  • SHA1

    9820e32607d7f3c32af43be8b815b5923125efe8

  • SHA256

    8487a96fb05cbe05604bb5c3aadc44a5f8f66df2e10c4fe602bf97b50505a8f8

  • SHA512

    4a880ad57f9129949cee7373c62f394e5a01932cec1aac4093c3a401d083778e831504afab67d4688292b85d75096245fdce50d0ac984423fe8023df182bc5c8

  • SSDEEP

    12288:YbV/LJwUPNnKoeVLln+B8JusAvWyhsdEoT+R9Yx:ipJwCNKoeVLFk2vAeyhsyoc9G

Score
10/10
persistence

Malware Config

Targets

    • Target

      8487a96fb05cbe05604bb5c3aadc44a5f8f66df2e10c4fe602bf97b50505a8f8

    • Size

      640KB

    • MD5

      f4c4fc3857150ed0ba3868dfa0e54ded

    • SHA1

      9820e32607d7f3c32af43be8b815b5923125efe8

    • SHA256

      8487a96fb05cbe05604bb5c3aadc44a5f8f66df2e10c4fe602bf97b50505a8f8

    • SHA512

      4a880ad57f9129949cee7373c62f394e5a01932cec1aac4093c3a401d083778e831504afab67d4688292b85d75096245fdce50d0ac984423fe8023df182bc5c8

    • SSDEEP

      12288:YbV/LJwUPNnKoeVLln+B8JusAvWyhsdEoT+R9Yx:ipJwCNKoeVLFk2vAeyhsyoc9G

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks