General

Target: Icecream.Ebook.Reader.6.42.exe
Size: 29.9MB
Sample: 240422-fyf1magc9s
MD5: f90a896fdd0d372765f89c555fd286c4
SHA1: fb4b58bed3b58bbbbfde076db19a3566ea219313
SHA256: 3deac60bcee2553037d0f1f06ae2f54b0e8affbded1945103f52e767451b6987
SHA512: 181ca289ff9d6250d70dbf9daf86877bf964a3d7593f8849715f85a2d11a44eff1c5f735617d8cfa16e901f78f2d6c7db116cf70498bf11ec370673b50306c36
SSDEEP: 393216:tG+iYL1uLvfZHPD4dlgepR2UpoU1SyTzYIrDyI5SYpyuOl1mMCQiiIV+Oh2loKj5:t0vBvMdlgelAyHYWvwYsukrQiwhWo4n

Static task: static1

Behavioral task: behavioral1
Sample: Icecream.Ebook.Reader.6.42.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: Icecream.Ebook.Reader.6.42.exe
Resource: win10v2004-20240412-en

Malware Config
Targets

Target: Icecream.Ebook.Reader.6.42.exe
Score: 7/10

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Drops file in System32 directory