Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

#~(34$eyqI...+$.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    #~(34$eyqII9V5Y+}{+$.exe

  • Size

    1008KB

  • Sample

    230106-hf7fzaaa8y

  • MD5

    e8659247d28fd7d544cc199033326e73

  • SHA1

    dcd551a8617835b5dabc03c83e7709d6bba2670c

  • SHA256

    1564919543f2198637816429f40ef8e829860063588859fce4ed002761205308

  • SHA512

    e4b6aaee51301a0d5465629236543891bcabff1eb7bd05537cc0b400b801bc2730db5b9e7c1d4163613aeef7ccf67fc835741642b627e2b1ad28b769d85ac988

  • SSDEEP

    24576:2jLRKkP4WChDxuk4JBJ/6ERHywedip4R4IDU5nmVz1W:2jLR3PvKEkoBRRRHyweds4RxU5nmVz1W

Score
8/10
bootkitpersistencevmprotect

Malware Config

Targets

    • Target

      #~(34$eyqII9V5Y+}{+$.exe

    • Size

      1008KB

    • MD5

      e8659247d28fd7d544cc199033326e73

    • SHA1

      dcd551a8617835b5dabc03c83e7709d6bba2670c

    • SHA256

      1564919543f2198637816429f40ef8e829860063588859fce4ed002761205308

    • SHA512

      e4b6aaee51301a0d5465629236543891bcabff1eb7bd05537cc0b400b801bc2730db5b9e7c1d4163613aeef7ccf67fc835741642b627e2b1ad28b769d85ac988

    • SSDEEP

      24576:2jLRKkP4WChDxuk4JBJ/6ERHywedip4R4IDU5nmVz1W:2jLR3PvKEkoBRRRHyweds4RxU5nmVz1W

    Score
    8/10
    bootkitpersistencevmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks