22f3efb1a1825bf4e50baf7a3ef7bb7ca2d2f801fd1078d2e0e5612af038e82f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

a0ff08305a...e2.exe

windows7-x64

7

a0ff08305a...e2.exe

windows10-2004-x64

7

Sharing

General

Target

a0ff08305ad63098ce960b41a6f291e2
Size

230KB
Sample

240224-fk1swaag4s
MD5

a0ff08305ad63098ce960b41a6f291e2
SHA1

41784c25a16b8efdfe8f7c1058ff68df65cc9918
SHA256

22f3efb1a1825bf4e50baf7a3ef7bb7ca2d2f801fd1078d2e0e5612af038e82f
SHA512

214f7bd95bbdb3dc9ba444ef3a70706e70fea529d474af93c4fd7b94340d3cf6439a264ef3b157f5348431d032a44cd264d910c754a7750117ccd3207dff95e7
SSDEEP

6144:EFd3ykj7mg6zWKcLSlFOnEu3sgAwhxKXrFUPk:EryAm5cmlFGfUFM

Score

7^/10

bootkit persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a0ff08305ad63098ce960b41a6f291e2.exe

Resource

win7-20240220-en

bootkit persistence upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a0ff08305ad63098ce960b41a6f291e2.exe

Resource

win10v2004-20240221-en

bootkit persistence upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  a0ff08305ad63098ce960b41a6f291e2
- Size
  
  230KB
- MD5
  
  a0ff08305ad63098ce960b41a6f291e2
- SHA1
  
  41784c25a16b8efdfe8f7c1058ff68df65cc9918
- SHA256
  
  22f3efb1a1825bf4e50baf7a3ef7bb7ca2d2f801fd1078d2e0e5612af038e82f
- SHA512
  
  214f7bd95bbdb3dc9ba444ef3a70706e70fea529d474af93c4fd7b94340d3cf6439a264ef3b157f5348431d032a44cd264d910c754a7750117ccd3207dff95e7
- SSDEEP
  
  6144:EFd3ykj7mg6zWKcLSlFOnEu3sgAwhxKXrFUPk:EryAm5cmlFGfUFM
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy