Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

efe12f9fd1...02.exe

windows7-x64

8

efe12f9fd1...02.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    efe12f9fd1bd423c38af7a20d78636088de1934b132a7056448b2884f8cc7c02

  • Size

    256KB

  • Sample

    221206-gqfwbsae68

  • MD5

    a53b78ba22bd17b4d7b5054fe6f6fdb5

  • SHA1

    2489cadd72282ba127f66d3b18cfff75463417bf

  • SHA256

    efe12f9fd1bd423c38af7a20d78636088de1934b132a7056448b2884f8cc7c02

  • SHA512

    44e3f9fc16bf6d75372ab419be466502810efab01799d3341606dc4fe796a189d884d72c2776f4c7c37e1bf7957bfb1be42963aaa56282c9855cf06dd412029b

  • SSDEEP

    6144:ZOR954oUZ57vESUOOTpM4kJUBAaxU1PIuGFcO:ZdMSgTjYUBAjdgl

Score
8/10
bootkitpersistencespywarestealer

Malware Config

Targets

    • Target

      efe12f9fd1bd423c38af7a20d78636088de1934b132a7056448b2884f8cc7c02

    • Size

      256KB

    • MD5

      a53b78ba22bd17b4d7b5054fe6f6fdb5

    • SHA1

      2489cadd72282ba127f66d3b18cfff75463417bf

    • SHA256

      efe12f9fd1bd423c38af7a20d78636088de1934b132a7056448b2884f8cc7c02

    • SHA512

      44e3f9fc16bf6d75372ab419be466502810efab01799d3341606dc4fe796a189d884d72c2776f4c7c37e1bf7957bfb1be42963aaa56282c9855cf06dd412029b

    • SSDEEP

      6144:ZOR954oUZ57vESUOOTpM4kJUBAaxU1PIuGFcO:ZdMSgTjYUBAjdgl

    Score
    8/10
    bootkitpersistencespywarestealer

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks