Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Lecture1.exe

windows7-x64

7

Lecture1.exe

windows10-2004-x64

7

Resubmissions

22/01/2024, 23:53

240122-3xe39sefh2 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Lecture1.zip

  • Size

    44KB

  • Sample

    240122-3xe39sefh2

  • MD5

    57269aca49830656d7b496cbc1a8e2f5

  • SHA1

    f77fd7833084b0e4b9bb9b10f5ed963868d68261

  • SHA256

    125b72c1278eb5447c6e1bd0ff146fb1e24ad1e783954bb45850102ff0511710

  • SHA512

    933a6a9877f6d5b8a1c94af79f96e44fe81e61755300c6ceb938be0fc7dc652e7c315d485aa74313898aa2b386570e052c35625023026754e3f857e210ec8350

  • SSDEEP

    768:Qex8wkPnfFRTGqNsfypm9xoBScrkYfVBu5hfyzcKPtPcUvdRst7:QexAPfFRtnm9cntChfyfP2qsN

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      Lecture1.exe

    • Size

      188KB

    • MD5

      122e3ae9475052e416f3e0736f16a30d

    • SHA1

      b19d1ca3d8ddcffc84ae6be8306cf50fba5d7775

    • SHA256

      12d2f3baa485c5ec40bef2ae1c5a9afc885f895e8e915d32433b6882439a99d9

    • SHA512

      ed9e1ea23c8646e2ee715a3dc9f23cf8cbb54864371dbf734466fa751bd06fadcd7bb674bb82e2a76c8385c46a98a8bf3b91be8a81d619399cb71059bffad094

    • SSDEEP

      1536:RDtNKbhY9FNAxQKg+R0Rh77YFBVoyBEv5pVTwVcl:MbytAFgx2FBuyeVTqY

    Score
    7/10
    bootkitpersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies system executable filetype association

      persistence

    • Registers COM server for autorun

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks