General
Target: 9c2455673f5119d19819f58f846fca40
Size: 734KB
Sample: 240214-t12l1age33
MD5: 9c2455673f5119d19819f58f846fca40
SHA1: 91e0b1d9f055595642f65289464312d1c035939c
SHA256: 7aeb55f4385f6dad0f3a54a212f5ced8a3adf7349ac5fdc32d25e462b8128df9
SHA512: 4db51b225973e505d8eafe7e56ce5a135b386adadd464aad8099858d826aa35e57196f68e69e92d29bfcd293f1bf519953f6d9d7815c8a740b48207d9e9c69d3
SSDEEP: 12288:GDp20LiL+qI81leaplGt0y/2FEbkNvB5WlQ4URF42Brpkki6paTuB+/09HmEkqwG:kpd2+esapfEYNZ0S4+lBrpkki6ETuB+A
Static task: static1
Behavioral task: behavioral1
Sample: 9c2455673f5119d19819f58f846fca40.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 9c2455673f5119d19819f58f846fca40.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 9c2455673f5119d19819f58f846fca40
Score: 7/10
Executes dropped EXE
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory
Suspicious use of SetThreadContext