General
Target: bce9358187f87db6b269bac3c3e52edc
Size: 136KB
Sample: 240309-1wp6qsbh56
MD5: bce9358187f87db6b269bac3c3e52edc
SHA1: 08042b0bc6e57a9d006631e35618ea7b97c22dbd
SHA256: 1d7339aa3f70900564d27bfa2700063c7f1dbae84a07e3a182ae351c7bba23d0
SHA512: 0073ffe9a0631003090f23a0e4862320a37faea3f6edce683d2ff64389227c29aebe3352b82e39a157291ba46ac15484b1a76ea003940f283436690fe77e908a
SSDEEP: 3072:lj4SxxPPsMP9xbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7p6vIE:6SxxPPsMFZwvP6bQ7yMP+DE827MwE
Static task: static1
Behavioral task: behavioral1
Sample: bce9358187f87db6b269bac3c3e52edc.exe
Resource: win7-20240220-en
Malware Config
Targets
Score: 10/10
Modifies security service
Looks for VMWare Tools registry key
Deletes itself
Executes dropped EXE
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory