Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    kav21.3.10.391en_26074.exe

  • Size

    2.6MB

  • Sample

    240418-1gqhysfe75

  • MD5

    d0e47e632ba9144605d7bec32e126737

  • SHA1

    9c02c04bed4cc77baab6ad8f22a9e780fedb61e3

  • SHA256

    915ceba5edafdf1ffc45792ede4269ada50809960c2d0e74fe554010f25b9afc

  • SHA512

    62b87616b11ec3299288f6015ad693e869f3dc795dfce7e3186d31e7e24e4490537ef68d739ed6aec1cd306c33057eff8827e8f1022503d0be3b42544b8e04a0

  • SSDEEP

    49152:847Nlau3ZiJvDrOV9Gcwb/alTe/iXMNLdcE/EBSDre/2jX8oL:8eNlau3UJOV9GvZbRDe/2zl

Malware Config

Targets

    • Target

      kav21.3.10.391en_26074.exe

    • Size

      2.6MB

    • MD5

      d0e47e632ba9144605d7bec32e126737

    • SHA1

      9c02c04bed4cc77baab6ad8f22a9e780fedb61e3

    • SHA256

      915ceba5edafdf1ffc45792ede4269ada50809960c2d0e74fe554010f25b9afc

    • SHA512

      62b87616b11ec3299288f6015ad693e869f3dc795dfce7e3186d31e7e24e4490537ef68d739ed6aec1cd306c33057eff8827e8f1022503d0be3b42544b8e04a0

    • SSDEEP

      49152:847Nlau3ZiJvDrOV9Gcwb/alTe/iXMNLdcE/EBSDre/2jX8oL:8eNlau3UJOV9GvZbRDe/2zl

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks