General
Target: Mercury.C.exe
Size: 1.0MB
Sample: 230610-ydal8agd5t
MD5: f7b55502a71cef2d1e70d88aeeb63d73
SHA1: bfd5a73a583a78464cb9f46d3799f6c9f47663ff
SHA256: 9eb6551959a913de98898302ec764841be357c0786038bdfa1c3d7f269d490a6
SHA512: ec32ab1b6a7839af70cd6cf17e74158cefc0590e80ef9ae09df2cf50ae7837cb19c629b7d70a9901e5951b64e193ec1f08ba2d8ff47a90c76529bf7cb1bae6b8
SSDEEP: 24576:ByLw3WVoK5w/NyZtkzhnxAwUKm4MEoiE:uwW+KIWtk9nlUKm4MtiE
Behavioral task: behavioral1
Sample: Mercury.C.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: Mercury.C.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: Mercury.C.exe
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.