1349decadda3d92a42ba5f15987b1286fea4a3a77ba0970c816b7861bb84f637 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

1349decadd...37.exe

windows7-x64

7

1349decadd...37.exe

windows10-2004-x64

7

Sharing

General

Target

1349decadda3d92a42ba5f15987b1286fea4a3a77ba0970c816b7861bb84f637
Size

7.0MB
Sample

231010-j2vjzaeb65
MD5

ad7c23474a4083eeb961d97ca8e4e917
SHA1

f14aecc1bd88bbdbf2e5f9f05b2e35f895be8d3d
SHA256

1349decadda3d92a42ba5f15987b1286fea4a3a77ba0970c816b7861bb84f637
SHA512

155ba42812a34c38031d0249f040ae680d1678e54254564ebc00b5fe530a5656e408bbead7a235d94d1959607d3368fc38fe574c71488037e422b48105a8e7b7
SSDEEP

98304:PHWHSA7PRjJcE5Qkd2MgBJkJ2K18vYlKRnSOig72atl8xiEi/5w2RAamHXKqIHBI:ETb5MB22KHlKRSg7blIi/aiAam69dfUj

Score

7^/10

bootkit persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1349decadda3d92a42ba5f15987b1286fea4a3a77ba0970c816b7861bb84f637.exe

Resource

win7-20230831-en

bootkit persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

1349decadda3d92a42ba5f15987b1286fea4a3a77ba0970c816b7861bb84f637.exe

Resource

win10v2004-20230915-en

bootkit persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  1349decadda3d92a42ba5f15987b1286fea4a3a77ba0970c816b7861bb84f637
- Size
  
  7.0MB
- MD5
  
  ad7c23474a4083eeb961d97ca8e4e917
- SHA1
  
  f14aecc1bd88bbdbf2e5f9f05b2e35f895be8d3d
- SHA256
  
  1349decadda3d92a42ba5f15987b1286fea4a3a77ba0970c816b7861bb84f637
- SHA512
  
  155ba42812a34c38031d0249f040ae680d1678e54254564ebc00b5fe530a5656e408bbead7a235d94d1959607d3368fc38fe574c71488037e422b48105a8e7b7
- SSDEEP
  
  98304:PHWHSA7PRjJcE5Qkd2MgBJkJ2K18vYlKRnSOig72atl8xiEi/5w2RAamHXKqIHBI:ETb5MB22KHlKRSg7blIi/aiAam69dfUj
Score

7^/10

bootkit persistence upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.