Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

krnl_boots...1).exe

windows7-x64

8

krnl_boots...1).exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    krnl_bootstrapper (1).exe

  • Size

    1.3MB

  • Sample

    230213-hmm1xabe27

  • MD5

    028879728f52bc807dada3afa79d9f25

  • SHA1

    ce285fcd92bb5a2aa74041950887fe8602575487

  • SHA256

    68f99fe749bea2b2cc835c34ac1818ec136f38c2e5eca18008e643f42a9912bc

  • SHA512

    11a9ec3d1f77e7c58c8b548cbf92075b9ffd3086c1e3ee8a7317be9c3da161ce4f6fe4acad85909b816c732c8688a4e264672f5fa67b2027ebbadb7a59d5cfec

  • SSDEEP

    24576:qQU7ecSgL6y+gk+rnxdarF9nq5VrnHugIJ96FTx4XclQ:qQUzS65+x+rnxYrC5VrnOgIqUXcS

Score
8/10

Malware Config

Targets

    • Target

      krnl_bootstrapper (1).exe

    • Size

      1.3MB

    • MD5

      028879728f52bc807dada3afa79d9f25

    • SHA1

      ce285fcd92bb5a2aa74041950887fe8602575487

    • SHA256

      68f99fe749bea2b2cc835c34ac1818ec136f38c2e5eca18008e643f42a9912bc

    • SHA512

      11a9ec3d1f77e7c58c8b548cbf92075b9ffd3086c1e3ee8a7317be9c3da161ce4f6fe4acad85909b816c732c8688a4e264672f5fa67b2027ebbadb7a59d5cfec

    • SSDEEP

      24576:qQU7ecSgL6y+gk+rnxdarF9nq5VrnHugIJ96FTx4XclQ:qQUzS65+x+rnxYrC5VrnOgIqUXcS

    Score
    8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks