Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
07443099.exe
-
Size
247KB
-
Sample
230610-l6fbysfd4z
-
MD5
733eb0ab951ae42a8d8cca413201e428
-
SHA1
640ffb3ee44eb86afaea92e6c5aa158a5d4aafd1
-
SHA256
52d6d769eb474d4138ac31e05634a6ca7a4ebef5920f8356c1cd70d9fa42c2fb
-
SHA512
c7cdf77aa881c5dbb2abf17913dbf645fe88e16fa11fa055392d36ccf936fc43050c48feb631e193fe044123a190f123d2d6ff12234c0ff7c8c7c6e290209d8f
-
SSDEEP
3072:xaWEHnqlm+0FEaJSq6+ouCpk2mpcWJ0r+QNTBfZnazJ9k3kxMC+89+aPyXiwQ9M1:cWCMm8aMldk1cWQRNTBhz3Yz/qc9M1
Static task
static1
Behavioral task
behavioral1
Sample
07443099.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
07443099.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
07443099.exe
-
Size
247KB
-
MD5
733eb0ab951ae42a8d8cca413201e428
-
SHA1
640ffb3ee44eb86afaea92e6c5aa158a5d4aafd1
-
SHA256
52d6d769eb474d4138ac31e05634a6ca7a4ebef5920f8356c1cd70d9fa42c2fb
-
SHA512
c7cdf77aa881c5dbb2abf17913dbf645fe88e16fa11fa055392d36ccf936fc43050c48feb631e193fe044123a190f123d2d6ff12234c0ff7c8c7c6e290209d8f
-
SSDEEP
3072:xaWEHnqlm+0FEaJSq6+ouCpk2mpcWJ0r+QNTBfZnazJ9k3kxMC+89+aPyXiwQ9M1:cWCMm8aMldk1cWQRNTBhz3Yz/qc9M1
Score8/10-
Drops file in Drivers directory
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Modifies boot configuration data using bcdedit
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-