General

  • Target

    53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29

  • Size

    2.8MB

  • Sample

    230215-zxhmlseb79

  • MD5

    427cbdaf708b4fb597a993d379023a7b

  • SHA1

    3c1db2bc2fae45c95a78df54d5c463f2e8095cda

  • SHA256

    53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29

  • SHA512

    78a0dafcb1b9c93cf3b5f91028a1b146ba6b73284bce995abf6e20b984045f530e548d7617dd2dcca06d3751767f625dc9b4d4eac0ea7d7c969d82fb8495ef54

  • SSDEEP

    49152:Rvofmdo+h5x6KV1wvc33BoY/Cmw+9prbesdZxKCo4YJ9hVNvsgStM5qFfziaT:Rvofmdo8x6KV4cxpqmwkJesdbU4+hHkN

Score
7/10

Targets

    • Target

      53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
