Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7acc85ad6eea22222b77c6b97e70d70163d665decfb01c7ac37a521cad221910
-
Size
4.8MB
-
Sample
240114-jepp7sfch2
-
MD5
bee3dc35e58b6c7cfb3373edd86f0f5c
-
SHA1
7d355964f351de173dd160fb2c101008adf63883
-
SHA256
7acc85ad6eea22222b77c6b97e70d70163d665decfb01c7ac37a521cad221910
-
SHA512
55329e7a2f02a3318c87bae712918a7f9b8fe96fe098e09f3549d70aa9fd5b5a71efa7119385eadf563d909736be243763fd7a66ea1e8e29b35a06874a1a0454
-
SSDEEP
98304:LpLE90Ta7PG5o2/JUqf7W1DSWCLT5S6SNZOreOa4:2932puiSeSOt
Malware Config
Targets
-
-
Target
7acc85ad6eea22222b77c6b97e70d70163d665decfb01c7ac37a521cad221910
-
Size
4.8MB
-
MD5
bee3dc35e58b6c7cfb3373edd86f0f5c
-
SHA1
7d355964f351de173dd160fb2c101008adf63883
-
SHA256
7acc85ad6eea22222b77c6b97e70d70163d665decfb01c7ac37a521cad221910
-
SHA512
55329e7a2f02a3318c87bae712918a7f9b8fe96fe098e09f3549d70aa9fd5b5a71efa7119385eadf563d909736be243763fd7a66ea1e8e29b35a06874a1a0454
-
SSDEEP
98304:LpLE90Ta7PG5o2/JUqf7W1DSWCLT5S6SNZOreOa4:2932puiSeSOt
Score8/10-
Modifies Installed Components in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1