General

  • Target

    Icecream.Ebook.Reader.6.42.exe

  • Size

    29.9MB

  • Sample

    240422-fyf1magc9s

  • MD5

    f90a896fdd0d372765f89c555fd286c4

  • SHA1

    fb4b58bed3b58bbbbfde076db19a3566ea219313

  • SHA256

    3deac60bcee2553037d0f1f06ae2f54b0e8affbded1945103f52e767451b6987

  • SHA512

    181ca289ff9d6250d70dbf9daf86877bf964a3d7593f8849715f85a2d11a44eff1c5f735617d8cfa16e901f78f2d6c7db116cf70498bf11ec370673b50306c36

  • SSDEEP

    393216:tG+iYL1uLvfZHPD4dlgepR2UpoU1SyTzYIrDyI5SYpyuOl1mMCQiiIV+Oh2loKj5:t0vBvMdlgelAyHYWvwYsukrQiwhWo4n
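Before working from this report, a practitioner checks that the file on disk is the same object the sandbox analysed. The following is an added example, not part of the tria.ge page: it computes the four hashes listed above in a single streaming pass (so a 29.9 MB sample is read once) and reports which of the report's digests do not match. The report values are copied from the General section; the `ssdeep` fuzzy hash is not in the Python standard library and is not covered here.

```python
import hashlib
import hmac

# Digests copied from the report above for Icecream.Ebook.Reader.6.42.exe.
REPORT_DIGESTS = {
    "md5": "f90a896fdd0d372765f89c555fd286c4",
    "sha1": "fb4b58bed3b58bbbbfde076db19a3566ea219313",
    "sha256": "3deac60bcee2553037d0f1f06ae2f54b0e8affbded1945103f52e767451b6987",
    "sha512": "181ca289ff9d6250d70dbf9daf86877bf964a3d7593f8849715f85a2d11a44ef"
              "f1c5f735617d8cfa16e901f78f2d6c7db116cf70498bf11ec370673b50306c36",
}


def digest_stream(chunks, algorithms=("md5", "sha1", "sha256", "sha512")):
    """Feed every chunk to all hashers once and return {algorithm: hexdigest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path, chunk_size=1 << 20):
    """Hash a file from disk in 1 MiB chunks without loading it whole."""
    with open(path, "rb") as f:
        return digest_stream(iter(lambda: f.read(chunk_size), b""))


def verify(actual, expected):
    """Return the algorithm names whose digest differs from the expected value.

    An empty list means every listed digest matched. Comparison is
    constant-time and case-insensitive so pasted upper-case hashes still match.
    """
    return [name for name, want in expected.items()
            if not hmac.compare_digest(actual.get(name, "").lower(), want.lower())]


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py Icecream.Ebook.Reader.6.42.exe
    mismatched = verify(digest_file(sys.argv[1]), REPORT_DIGESTS)
    print("all digests match" if not mismatched else f"MISMATCH: {mismatched}")
```

A single mismatching algorithm is enough to stop: the file is not the one behind this report, whatever the other digests say.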

Malware Config

Targets

    • Target

      Icecream.Ebook.Reader.6.42.exe

    • Size

      29.9MB

    • MD5

      f90a896fdd0d372765f89c555fd286c4

    • SHA1

      fb4b58bed3b58bbbbfde076db19a3566ea219313

    • SHA256

      3deac60bcee2553037d0f1f06ae2f54b0e8affbded1945103f52e767451b6987

    • SHA512

      181ca289ff9d6250d70dbf9daf86877bf964a3d7593f8849715f85a2d11a44eff1c5f735617d8cfa16e901f78f2d6c7db116cf70498bf11ec370673b50306c36

    • SSDEEP

      393216:tG+iYL1uLvfZHPD4dlgepR2UpoU1SyTzYIrDyI5SYpyuOl1mMCQiiIV+Oh2loKj5:t0vBvMdlgelAyHYWvwYsukrQiwhWo4n

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software on the system.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. This is the generic signature description, not a verdict on this installer: confirm in the task's events which process performed the raw write to sector 0 of the physical drive, since disk and boot-manager tooling writes the MBR legitimately.

    • Drops file in System32 directory
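The four behaviour signatures above are each a simple pattern over the task's event stream. The following is an added example, not tria.ge's signature engine or its output format: it runs equivalent checks over a constructed event log whose shape (`pid`, `kind`, `path`, and `offset`/`length` for raw disk access) is an assumption for illustration. The "dropped file" check is broader than the page's "Executes dropped EXE" signature because it does not inspect the image for a PE header.

```python
import re

# Constructed events for one hypothetical task; not real output for this sample.
SAMPLE_EVENTS = [
    {"pid": 1001, "kind": "file_write", "path": r"C:\Users\Admin\AppData\Local\Temp\is-1A2B.tmp\setup.tmp"},
    {"pid": 1001, "kind": "process_create", "path": r"C:\Users\Admin\AppData\Local\Temp\is-1A2B.tmp\setup.tmp"},
    {"pid": 1002, "kind": "file_write", "path": r"C:\Windows\System32\drivers\sample.sys"},
    {"pid": 1002, "kind": "reg_open", "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1E2E3E4}"},
    {"pid": 1002, "kind": "reg_open", "path": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"pid": 1002, "kind": "reg_open", "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
    {"pid": 1002, "kind": "raw_disk_read", "path": r"\\.\PhysicalDrive0", "offset": 0, "length": 512},
    {"pid": 1002, "kind": "raw_disk_write", "path": r"\\.\PhysicalDrive0", "offset": 0, "length": 512},
    {"pid": 1002, "kind": "raw_disk_write", "path": r"\\.\PhysicalDrive0", "offset": 1048576, "length": 4096},
    {"pid": 1003, "kind": "process_create", "path": r"C:\Windows\System32\cmd.exe"},
]

SECTOR_SIZE = 512  # the MBR is the first sector of the disk

# Native and WOW6432Node views of the Uninstall key, under HKLM or HKCU.
UNINSTALL_KEY = re.compile(
    r"\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)", re.IGNORECASE)
# Raw device path of a physical disk, e.g. \\.\PhysicalDrive0
PHYSICAL_DRIVE = re.compile(r"^\\\\\.\\PhysicalDrive\d+$", re.IGNORECASE)
SYSTEM32_DIR = re.compile(r"^[a-z]:\\Windows\\System32\\", re.IGNORECASE)


def uninstall_key_lookups(events):
    """Registry opens under the Uninstall key, i.e. installed-software enumeration."""
    return [e["path"] for e in events
            if e["kind"] == "reg_open" and UNINSTALL_KEY.search(e["path"])]


def mbr_writes(events):
    """Raw writes overlapping sector 0 of a physical drive, as (pid, offset, length).

    Reads of sector 0 are deliberately ignored: installers commonly read disk
    geometry, and only a write can replace the boot code.
    """
    hits = []
    for e in events:
        if e["kind"] != "raw_disk_write" or not PHYSICAL_DRIVE.match(e["path"]):
            continue
        offset, length = e.get("offset", 0), e.get("length", 0)
        if offset < SECTOR_SIZE and length > 0:
            hits.append((e["pid"], offset, length))
    return hits


def executed_dropped_files(events):
    """Process creations whose image was written earlier in the same task."""
    written, hits = set(), []
    for e in events:
        key = e["path"].lower()  # NTFS paths are case-insensitive
        if e["kind"] == "file_write":
            written.add(key)
        elif e["kind"] == "process_create" and key in written:
            hits.append(e["path"])
    return hits


def system32_drops(events):
    """Files written anywhere under the System32 directory."""
    return [e["path"] for e in events
            if e["kind"] == "file_write" and SYSTEM32_DIR.match(e["path"])]


def summarize(events):
    """Map each signature name from the report to its hits (empty list: did not fire)."""
    return {
        "Executes dropped EXE": executed_dropped_files(events),
        "Checks installed software on the system": uninstall_key_lookups(events),
        "Writes to the Master Boot Record (MBR)": mbr_writes(events),
        "Drops file in System32 directory": system32_drops(events),
    }


if __name__ == "__main__":
    for name, hits in summarize(SAMPLE_EVENTS).items():
        print(f"{name}: {hits}")
```

The MBR check returns the writing process, which is the detail the signature description above does not give and the first thing to look up when deciding whether a sector-0 write came from the installer itself or from a helper it launched.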

MITRE ATT&CK Enterprise v15

Tasks