43d145ba0c865187265c717572ce7a581b0fcdc2110c1c20e24b410615fdf31b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

5979ad4eb9...fb.exe

windows7-x64

7

5979ad4eb9...fb.exe

windows10-2004-x64

7

Sharing

General

Target

5979ad4eb9b1f9d20843f17bfa148dfb
Size

321KB
Sample

231226-g6z9xaegcr
MD5

5979ad4eb9b1f9d20843f17bfa148dfb
SHA1

f1fad0b4335a8baffd449a27cb47d3bdcc3ec209
SHA256

43d145ba0c865187265c717572ce7a581b0fcdc2110c1c20e24b410615fdf31b
SHA512

060f3adbc39394533adf4976d24efd3dab1d2e4ee195cf845a67770c932329cd9a26566cf878dd6d9e3075d5f45302077ca4282f4d9446e644735d6b8d9b24ed
SSDEEP

6144:9DQKrk2BsM4e3JUkxJK7Llkc8QxqQz3iw0ZrG7UnWD6S4Rv3p5LDfpP:BLk2B74e3JU3LuaMhrdnWD6XvZ5t

Score

7^/10

bootkit persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5979ad4eb9b1f9d20843f17bfa148dfb.exe

Resource

win7-20231129-en

bootkit persistence upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

5979ad4eb9b1f9d20843f17bfa148dfb.exe

Resource

win10v2004-20231215-en

bootkit persistence upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  5979ad4eb9b1f9d20843f17bfa148dfb
- Size
  
  321KB
- MD5
  
  5979ad4eb9b1f9d20843f17bfa148dfb
- SHA1
  
  f1fad0b4335a8baffd449a27cb47d3bdcc3ec209
- SHA256
  
  43d145ba0c865187265c717572ce7a581b0fcdc2110c1c20e24b410615fdf31b
- SHA512
  
  060f3adbc39394533adf4976d24efd3dab1d2e4ee195cf845a67770c932329cd9a26566cf878dd6d9e3075d5f45302077ca4282f4d9446e644735d6b8d9b24ed
- SSDEEP
  
  6144:9DQKrk2BsM4e3JUkxJK7Llkc8QxqQz3iw0ZrG7UnWD6S4Rv3p5LDfpP:BLk2B74e3JU3LuaMhrdnWD6XvZ5t
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy