Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Borux.png
-
Size
21KB
-
Sample
230402-wbfpcaah8y
-
MD5
161c2cf23c01ee0d37689fc51458ec7f
-
SHA1
b864444ecdcd427209155971ee0a91913d2cd304
-
SHA256
435469a7278571ddb7b2cf629323c105839862df407d90135e8e311bf3fe6b04
-
SHA512
7fcd9a981886307a44db5c6661e613a7bdf2c0cb5113de4654e4bb85870de10bef7a8032a2e33bf4c2443ae31c1c26315080905c0d407f2ac1dcb7aa3ee59df0
-
SSDEEP
384:0jBy2lR1p4nhwiddxLPwwnuLUd0eEx0/LnbnMBBVQu8+y+B:kNrpwiiv59nl0eEx0/vnMxq+y+B
Static task
static1
Behavioral task
behavioral1
Sample
Borux.png
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
Borux.png
-
Size
21KB
-
MD5
161c2cf23c01ee0d37689fc51458ec7f
-
SHA1
b864444ecdcd427209155971ee0a91913d2cd304
-
SHA256
435469a7278571ddb7b2cf629323c105839862df407d90135e8e311bf3fe6b04
-
SHA512
7fcd9a981886307a44db5c6661e613a7bdf2c0cb5113de4654e4bb85870de10bef7a8032a2e33bf4c2443ae31c1c26315080905c0d407f2ac1dcb7aa3ee59df0
-
SSDEEP
384:0jBy2lR1p4nhwiddxLPwwnuLUd0eEx0/LnbnMBBVQu8+y+B:kNrpwiiv59nl0eEx0/vnMxq+y+B
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-