General

  • Target

    2024-04-30_9a2cea83f2fa842a1f0ec23f45304366_magniber_revil

  • Size

    35.7MB

  • Sample

    240430-n2tpwsbd66

  • MD5

    9a2cea83f2fa842a1f0ec23f45304366

  • SHA1

    4dead163187bca6cda8cb5041d15105e2ea10d00

  • SHA256

    1d94c15cc7d2b3cc3bdd8422b2bb271eff00d07cf77ddcb0cb445ee751784cde

  • SHA512

    59b2823a9d9b1d63859eff6952ff4f02faae9467c808c94eac82be6a9dead60d33884f363ead26422cb4b1cd7f561e2364a40b9167847a8e7b4c44ce50d9c326

  • SSDEEP

    393216:4HUaysP+F1gBJ3gDjHbSaiAFStsZTBuSgCh9h8hAqsPZ/U0qIpWerqNNZifKl/hf:UUaa6BOLiATZgC2hAgZiG/s7g

Targets

    • Target

      2024-04-30_9a2cea83f2fa842a1f0ec23f45304366_magniber_revil

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Downloads MZ/PE file

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
