Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

PDFSharkApp.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PDFSharkApp.exe

  • Size

    1.0MB

  • Sample

    230106-xaz72ahg45

  • MD5

    3e0fb82ed8ea6cd7d1f1bb9dca5f2bdc

  • SHA1

    c7641aba03a32099c9eaf0c104f19c32a5408ae4

  • SHA256

    7c8e1dba5c1b84a08636d9e6f225e1e79bb346c176e0ee2ae1dfec18953a1ce2

  • SHA512

    752104741ca99e691691b22b81516d5f1f36ae6c80a5dbf987fa6c88ff6aa747e085d59e08afcbfa9c8e9eda5f4ab167f8d29a29d31d34674ac85e3007e1732d

  • SSDEEP

    12288:8rcn3wmilvy1PKQKXy9xFW8f9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cHy:Ocn3w/lvpQlrXNL2PVh6B+BzjmcS

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      PDFSharkApp.exe

    • Size

      1.0MB

    • MD5

      3e0fb82ed8ea6cd7d1f1bb9dca5f2bdc

    • SHA1

      c7641aba03a32099c9eaf0c104f19c32a5408ae4

    • SHA256

      7c8e1dba5c1b84a08636d9e6f225e1e79bb346c176e0ee2ae1dfec18953a1ce2

    • SHA512

      752104741ca99e691691b22b81516d5f1f36ae6c80a5dbf987fa6c88ff6aa747e085d59e08afcbfa9c8e9eda5f4ab167f8d29a29d31d34674ac85e3007e1732d

    • SSDEEP

      12288:8rcn3wmilvy1PKQKXy9xFW8f9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cHy:Ocn3w/lvpQlrXNL2PVh6B+BzjmcS

    Score
    7/10
    bootkitdiscoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks