Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

bce9358187...dc.exe

windows7-x64

10

bce9358187...dc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bce9358187f87db6b269bac3c3e52edc

  • Size

    136KB

  • Sample

    240309-1wp6qsbh56

  • MD5

    bce9358187f87db6b269bac3c3e52edc

  • SHA1

    08042b0bc6e57a9d006631e35618ea7b97c22dbd

  • SHA256

    1d7339aa3f70900564d27bfa2700063c7f1dbae84a07e3a182ae351c7bba23d0

  • SHA512

    0073ffe9a0631003090f23a0e4862320a37faea3f6edce683d2ff64389227c29aebe3352b82e39a157291ba46ac15484b1a76ea003940f283436690fe77e908a

  • SSDEEP

    3072:lj4SxxPPsMP9xbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7p6vIE:6SxxPPsMFZwvP6bQ7yMP+DE827MwE

Score
10/10
bootkitevasionpersistencetrojan

Malware Config

Targets

    • Target

      bce9358187f87db6b269bac3c3e52edc

    • Size

      136KB

    • MD5

      bce9358187f87db6b269bac3c3e52edc

    • SHA1

      08042b0bc6e57a9d006631e35618ea7b97c22dbd

    • SHA256

      1d7339aa3f70900564d27bfa2700063c7f1dbae84a07e3a182ae351c7bba23d0

    • SHA512

      0073ffe9a0631003090f23a0e4862320a37faea3f6edce683d2ff64389227c29aebe3352b82e39a157291ba46ac15484b1a76ea003940f283436690fe77e908a

    • SSDEEP

      3072:lj4SxxPPsMP9xbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7p6vIE:6SxxPPsMFZwvP6bQ7yMP+DE827MwE

    Score
    10/10
    bootkitevasionpersistencetrojan

    • Modifies security service

      evasion

    • Windows security bypass

      evasiontrojan

    • Looks for VMWare Tools registry key

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks