
Resubmissions (date, analysis ID, score)

02/06/2023, 13:36  230602-qv9tmsbf25  7
30/05/2023, 13:15  230530-qhnewahg23  1
30/05/2023, 13:11  230530-qe6r2shf83  1
26/05/2023, 22:43  230526-2nf4jahe24  1

General

  • Target: wallpaper.jpg
  • Size: 2KB
  • Sample: 230602-qv9tmsbf25
  • MD5: d5bf33cc7434d7b3735562ef0ced129e
  • SHA1: 7e017dd951a5b8ca2298fae493ceea47efb8e625
  • SHA256: ca981e42b7a18a592e2dc84e5a1f09edc18ca6e10c8d04e5967506c3af81144d
  • SHA512: eb1d024d2d5abd4f5f3b1eb948443ff1b5d5eb2a9bfcc1798f90f8e17630f3c6340c09812c1a5cbc9127a42425eb69aaed192fad19218adc48190357ec061453

Score
7/10
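A 2KB file named wallpaper.jpg that goes on to execute a dropped EXE and write the MBR is worth two quick checks before anything else: confirm the file you hold is the one the report describes (hash comparison against the digests above), and confirm that its leading bytes actually match the type its extension claims. The script below is an added example, not part of the tria.ge report or its tooling; the four digests are copied from the General section, the JPEG (FF D8 FF) and PE ("MZ") magic bytes are standard, and the file path on the command line is an assumption.

```python
import hashlib

# Digests published in the tria.ge report for 230602-qv9tmsbf25 (wallpaper.jpg, 2KB).
REPORT_HASHES = {
    "md5": "d5bf33cc7434d7b3735562ef0ced129e",
    "sha1": "7e017dd951a5b8ca2298fae493ceea47efb8e625",
    "sha256": "ca981e42b7a18a592e2dc84e5a1f09edc18ca6e10c8d04e5967506c3af81144d",
    "sha512": "eb1d024d2d5abd4f5f3b1eb948443ff1b5d5eb2a9bfcc1798f90f8e17630f3c6340c09812c1a5cbc9127a42425eb69aaed192fad19218adc48190357ec061453",
}

# Leading bytes expected for the type an extension claims. A JPEG/JFIF stream
# starts with the SOI marker FF D8 FF; a Windows PE image starts with "MZ".
MAGIC = {
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".exe": [b"MZ"],
}


def hash_bytes(data: bytes) -> dict:
    """Return lowercase hex digests for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(digests: dict, report: dict = REPORT_HASHES) -> bool:
    """True only if every algorithm present in both dicts agrees (case-insensitive)."""
    common = set(digests) & set(report)
    return bool(common) and all(digests[a].lower() == report[a].lower() for a in common)


def extension_matches_content(filename: str, data: bytes) -> bool:
    """Check that the file's first bytes are consistent with its extension.

    Unknown extensions return False so the caller never treats them as vouched for.
    """
    ext = filename[filename.rfind("."):].lower() if "." in filename else ""
    signatures = MAGIC.get(ext)
    if signatures is None:
        return False
    return any(data.startswith(sig) for sig in signatures)


def triage(filename: str, data: bytes) -> dict:
    """Summarise both checks for one sample."""
    digests = hash_bytes(data)
    return {
        "size": len(data),
        "sha256": digests["sha256"],
        "known_sample": matches_report(digests),
        "extension_consistent": extension_matches_content(filename, data),
    }


if __name__ == "__main__":
    import sys
    # Assumed invocation: python check.py wallpaper.jpg
    path = sys.argv[1] if len(sys.argv) > 1 else "wallpaper.jpg"
    with open(path, "rb") as fh:
        print(triage(path, fh.read()))
```

If known_sample is False the file on disk is not the analysed object, however it was named; if extension_consistent is False you are looking at a disguised payload rather than an image and should treat the rest of the report accordingly.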

Malware Config

Targets

    • wallpaper.jpg (2KB; same hashes and 7/10 score as listed under General)

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
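The MBR signature is the one on this list that outlives a reboot and a reinstall of the operating system, so a responder wants a way to tell whether the first sector of a disk has been rewritten. The example below, added here and not part of the tria.ge report, parses a 512-byte MBR into its boot code, partition table and 55AA signature, and compares a captured sector against a known-good baseline: bootkits change the boot code while leaving the partition table intact, which is exactly the pattern it flags. The two sectors it is run on are constructed inline; the "infected" boot code is a hypothetical stub, not bytes from this sample.

```python
import hashlib
import struct

SECTOR = 512
BOOTCODE_LEN = 446            # bytes 0..445: boot code, the region a bootkit replaces
PART_TABLE_OFF = 446          # four 16-byte partition entries follow the boot code
PART_ENTRY_LEN = 16
MBR_SIGNATURE = b"\x55\xaa"   # bytes 510..511


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into a boot-code hash, partition entries and signature state."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    entries = []
    for i in range(4):
        off = PART_TABLE_OFF + i * PART_ENTRY_LEN
        status, _chs_start, ptype, _chs_end, lba_start, sectors = struct.unpack(
            "<B3sB3sII", sector[off:off + PART_ENTRY_LEN])
        entries.append({"bootable": status == 0x80, "type": ptype,
                        "lba_start": lba_start, "sectors": sectors})
    return {
        "bootcode_sha256": hashlib.sha256(sector[:BOOTCODE_LEN]).hexdigest(),
        "partitions": entries,
        "signature_ok": sector[510:512] == MBR_SIGNATURE,
    }


def compare_to_baseline(current: bytes, baseline: bytes) -> list:
    """Return findings describing how `current` differs from a known-good `baseline`."""
    cur, base = parse_mbr(current), parse_mbr(baseline)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 55AA missing: sector corrupt or write unfinished")
    if cur["bootcode_sha256"] != base["bootcode_sha256"]:
        findings.append("boot code changed: consistent with bootkit installation")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table changed")
    return findings


# --- constructed sample data (not taken from the report) ---
def build_mbr(bootcode: bytes, partitions: list) -> bytes:
    """Assemble a well-formed MBR from boot code and (bootable, type, lba, sectors) tuples."""
    code = bootcode.ljust(BOOTCODE_LEN, b"\x00")[:BOOTCODE_LEN]
    table = b"".join(
        struct.pack("<B3sB3sII", 0x80 if bootable else 0, b"\x00" * 3,
                    ptype, b"\x00" * 3, lba, sectors)
        for bootable, ptype, lba, sectors in partitions)
    table = table.ljust(4 * PART_ENTRY_LEN, b"\x00")
    return code + table + MBR_SIGNATURE


# Clean baseline: a stub that just halts (cli; hlt), one bootable NTFS (0x07) partition.
CLEAN_MBR = build_mbr(b"\xfa\xf4", [(True, 0x07, 2048, 204800)])
# Hypothetical bootkit: identical partition table, boot code swapped for a jump stub.
INFECTED_MBR = build_mbr(b"\xeb\xfe" + b"\x90" * 32, [(True, 0x07, 2048, 204800)])

if __name__ == "__main__":
    for finding in compare_to_baseline(INFECTED_MBR, CLEAN_MBR) or ["no change"]:
        print(finding)
```

On a live Windows host the current sector is the first 512 bytes of \\.\PhysicalDrive0 (administrator rights required); the baseline is a copy taken at build time or from a clean sibling machine with the same disk layout. Hashing only the boot code rather than the whole sector keeps the comparison stable across legitimate partition edits.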

MITRE ATT&CK Enterprise v6

Tasks