Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad
-
Size
7.8MB
-
Sample
230529-hacdmsae5t
-
MD5
958f350e78c9292316207e8d8fd66e2e
-
SHA1
c4d2a25f50b714fe90a8b048c6ba78137e1fe47c
-
SHA256
c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad
-
SHA512
2707a112270c670d553819e9a96eb536c773e39317123f261f30f6488e9a6d597beb3a0cf82bb8418a6364b9831d3721627b44fb99170c65d9ae0f96ad9eaf5c
-
SSDEEP
196608:ivd06be3DFKb9+8V+gpwMl9yNQKJSHqfQaMvC3uV7LA/HrzkV0RdS114:MVbuDFw3Fj8QiSH5/vC3ulLSrw2R8q
Behavioral task
behavioral1
Sample
c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad
-
Size
7.8MB
-
MD5
958f350e78c9292316207e8d8fd66e2e
-
SHA1
c4d2a25f50b714fe90a8b048c6ba78137e1fe47c
-
SHA256
c23ae4ef0a3ce7fe3cdb5105b3374dcf566c32829dc1fb02fa197a76a49463ad
-
SHA512
2707a112270c670d553819e9a96eb536c773e39317123f261f30f6488e9a6d597beb3a0cf82bb8418a6364b9831d3721627b44fb99170c65d9ae0f96ad9eaf5c
-
SSDEEP
196608:ivd06be3DFKb9+8V+gpwMl9yNQKJSHqfQaMvC3uV7LA/HrzkV0RdS114:MVbuDFw3Fj8QiSH5/vC3ulLSrw2R8q
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-