Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

b56ab55d19...91.exe

windows7-x64

8

b56ab55d19...91.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b56ab55d19032dd6ca3a3919aed402f038002fedefa0ea890194a3caf253fb91

  • Size

    7.7MB

  • Sample

    230920-bgcjnafa84

  • MD5

    1dbceab4370d4d93e2c450595d8d4285

  • SHA1

    206dd4f2104ff6320f258a92f01a0b67ca6bbda2

  • SHA256

    b56ab55d19032dd6ca3a3919aed402f038002fedefa0ea890194a3caf253fb91

  • SHA512

    4a1243fe3a0ade224e91b215661c31fc1deadfc9492c1f266bf9242fa2ddb482d737f22281960639d1c1d61bf26690d4a94079c30cc5e80e0feb1e40b73e0f07

  • SSDEEP

    196608:SmQOIrSQFHE0pFAHqoGv69hs+IIczZ8cH:SzS+HE8eH069hs+IlV

Score
8/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      b56ab55d19032dd6ca3a3919aed402f038002fedefa0ea890194a3caf253fb91

    • Size

      7.7MB

    • MD5

      1dbceab4370d4d93e2c450595d8d4285

    • SHA1

      206dd4f2104ff6320f258a92f01a0b67ca6bbda2

    • SHA256

      b56ab55d19032dd6ca3a3919aed402f038002fedefa0ea890194a3caf253fb91

    • SHA512

      4a1243fe3a0ade224e91b215661c31fc1deadfc9492c1f266bf9242fa2ddb482d737f22281960639d1c1d61bf26690d4a94079c30cc5e80e0feb1e40b73e0f07

    • SSDEEP

      196608:SmQOIrSQFHE0pFAHqoGv69hs+IIczZ8cH:SzS+HE8eH069hs+IlV

    Score
    8/10
    bootkitpersistenceupx

    • Downloads MZ/PE file

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks