General

  • Target

    009f29f9c9176d147f5bc68bae34d774d4111c5a842f95c4a543def4af075f79

  • Size

    7.7MB

  • Sample

    230131-l8n2wahf6y

  • MD5

    69371170e242cdd8300d15188874bc70

  • SHA1

    815291554d7fd62bcf61d483bf5af7a606ee9940

  • SHA256

    009f29f9c9176d147f5bc68bae34d774d4111c5a842f95c4a543def4af075f79

  • SHA512

    893c766e73fec7d9a81ea3753b38563d5069f71c5f9351e248843b69d4f2ca66e00132f15f8b1e99a20155e3aa17f698889ae6f76e15a59918360d7a93fa533f

  • SSDEEP

    196608:Igt/cJ5whGimYLCd4/zGkx77qeBlb2tokf6aAXXW:Igt/kGhGimmC4/QeBlb22kfJkXW

Score
8/10

Targets

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
