General
Target: 53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29
Size: 2.8MB
Sample: 230215-zxhmlseb79
MD5: 427cbdaf708b4fb597a993d379023a7b
SHA1: 3c1db2bc2fae45c95a78df54d5c463f2e8095cda
SHA256: 53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29
SHA512: 78a0dafcb1b9c93cf3b5f91028a1b146ba6b73284bce995abf6e20b984045f530e548d7617dd2dcca06d3751767f625dc9b4d4eac0ea7d7c969d82fb8495ef54
SSDEEP: 49152:Rvofmdo+h5x6KV1wvc33BoY/Cmw+9prbesdZxKCo4YJ9hVNvsgStM5qFfziaT:Rvofmdo8x6KV4cxpqmwkJesdbU4+hHkN
Static task
static1
Behavioral task
behavioral1
Sample
53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
53e52b4a938eb421cbb5d336f049be3bdd4688b645863a1880e55c5748eeea29
Score 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.