a7264090c78482bf467d95dfb21c088d65eb65d5755c3eeca5374a4411884781 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

a7264090c7...81.exe

windows7-x64

6

a7264090c7...81.exe

windows10-2004-x64

6

Sharing

General

Target

a7264090c78482bf467d95dfb21c088d65eb65d5755c3eeca5374a4411884781
Size

1.4MB
Sample

230209-mv2aqahb56
MD5

487650228b28c84c13d305280bfcea7b
SHA1

7b62228e19cab4222b351422d1485705b0e9e255
SHA256

a7264090c78482bf467d95dfb21c088d65eb65d5755c3eeca5374a4411884781
SHA512

9942a65446761e9a27b29d24982c859fcb31849623e348dcf1a1aac879bd56737b44b5b0f80df6a9db52a66510e8c75c58c33bdb5638365378ebd6eb7ba64654
SSDEEP

24576:JHPn34MhTCilQoR1Ke2xnk6c/gfsGfhyQemrNDgPUzCgnextHWUziJm4IFMesbTK:RP9RbGGc9eTYmEbTrL1OImr0Imr+pYZP

Score

6^/10

bootkit evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

a7264090c78482bf467d95dfb21c088d65eb65d5755c3eeca5374a4411884781.exe

Resource

win7-20220901-en

bootkit evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a7264090c78482bf467d95dfb21c088d65eb65d5755c3eeca5374a4411884781.exe

Resource

win10v2004-20220812-en

bootkit evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  a7264090c78482bf467d95dfb21c088d65eb65d5755c3eeca5374a4411884781
- Size
  
  1.4MB
- MD5
  
  487650228b28c84c13d305280bfcea7b
- SHA1
  
  7b62228e19cab4222b351422d1485705b0e9e255
- SHA256
  
  a7264090c78482bf467d95dfb21c088d65eb65d5755c3eeca5374a4411884781
- SHA512
  
  9942a65446761e9a27b29d24982c859fcb31849623e348dcf1a1aac879bd56737b44b5b0f80df6a9db52a66510e8c75c58c33bdb5638365378ebd6eb7ba64654
- SSDEEP
  
  24576:JHPn34MhTCilQoR1Ke2xnk6c/gfsGfhyQemrNDgPUzCgnextHWUziJm4IFMesbTK:RP9RbGGc9eTYmEbTrL1OImr0Imr+pYZP
Score

6^/10

bootkit evasion persistence trojan
- Checks whether UAC is enabled
  evasion trojan
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitevasionpersistencetrojan

behavioral2

bootkitevasionpersistencetrojan

© 2018-2025

Terms | Privacy