Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Borux.png

windows7-x64

8

Resubmissions

02/04/2023, 18:00

230402-wllckshf97 3

02/04/2023, 17:44

230402-wbfpcaah8y 8

02/04/2023, 17:26

230402-vz3ckshe66 4

02/04/2023, 10:34

230402-mmkb8sfh52 1

02/04/2023, 10:34

230402-ml33ysfh48 1

02/04/2023, 10:26

230402-mgrjcsfh32 1

02/04/2023, 10:05

230402-l4st9sfg56 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Borux.png

  • Size

    21KB

  • Sample

    230402-wbfpcaah8y

  • MD5

    161c2cf23c01ee0d37689fc51458ec7f

  • SHA1

    b864444ecdcd427209155971ee0a91913d2cd304

  • SHA256

    435469a7278571ddb7b2cf629323c105839862df407d90135e8e311bf3fe6b04

  • SHA512

    7fcd9a981886307a44db5c6661e613a7bdf2c0cb5113de4654e4bb85870de10bef7a8032a2e33bf4c2443ae31c1c26315080905c0d407f2ac1dcb7aa3ee59df0

  • SSDEEP

    384:0jBy2lR1p4nhwiddxLPwwnuLUd0eEx0/LnbnMBBVQu8+y+B:kNrpwiiv59nl0eEx0/vnMxq+y+B

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      Borux.png

    • Size

      21KB

    • MD5

      161c2cf23c01ee0d37689fc51458ec7f

    • SHA1

      b864444ecdcd427209155971ee0a91913d2cd304

    • SHA256

      435469a7278571ddb7b2cf629323c105839862df407d90135e8e311bf3fe6b04

    • SHA512

      7fcd9a981886307a44db5c6661e613a7bdf2c0cb5113de4654e4bb85870de10bef7a8032a2e33bf4c2443ae31c1c26315080905c0d407f2ac1dcb7aa3ee59df0

    • SSDEEP

      384:0jBy2lR1p4nhwiddxLPwwnuLUd0eEx0/LnbnMBBVQu8+y+B:kNrpwiiv59nl0eEx0/vnMxq+y+B

    Score
    8/10
    bootkitpersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks