ff4d5e79b332e859a31b7a3c8fb5a9844adbb006ce562d4ab006b7c2770d9854 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

ff4d5e79b3...54.exe

windows7-x64

6

ff4d5e79b3...54.exe

windows10-2004-x64

6

Sharing

General

Target

ff4d5e79b332e859a31b7a3c8fb5a9844adbb006ce562d4ab006b7c2770d9854
Size

7.8MB
Sample

240529-dx4n7agf8x
MD5

6b44a8d699ecd4fb78e9a05a839c79fd
SHA1

c890812975459401aa19ad317e1e106ef74101c5
SHA256

ff4d5e79b332e859a31b7a3c8fb5a9844adbb006ce562d4ab006b7c2770d9854
SHA512

ba62b16a9d0bf0af69eb8838ac31ff221b0507f9f41b466e618f9aa6f620469ba6fd0d95959d192a8f7cc0346589e1c780eca2f38178ef8ba688409b9de373ff
SSDEEP

196608:v2+ZBdhQiexKbuXeR488Wxv/Kwf1ugFDah8dELt9/qI+tcg:9ExKuXeR4FWES7ZahHJ9iI

Score

6^/10

bootkit persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ff4d5e79b332e859a31b7a3c8fb5a9844adbb006ce562d4ab006b7c2770d9854.exe

Resource

win7-20240221-en

bootkit persistence

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff4d5e79b332e859a31b7a3c8fb5a9844adbb006ce562d4ab006b7c2770d9854.exe

Resource

win10v2004-20240426-en

bootkit persistence

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  ff4d5e79b332e859a31b7a3c8fb5a9844adbb006ce562d4ab006b7c2770d9854
- Size
  
  7.8MB
- MD5
  
  6b44a8d699ecd4fb78e9a05a839c79fd
- SHA1
  
  c890812975459401aa19ad317e1e106ef74101c5
- SHA256
  
  ff4d5e79b332e859a31b7a3c8fb5a9844adbb006ce562d4ab006b7c2770d9854
- SHA512
  
  ba62b16a9d0bf0af69eb8838ac31ff221b0507f9f41b466e618f9aa6f620469ba6fd0d95959d192a8f7cc0346589e1c780eca2f38178ef8ba688409b9de373ff
- SSDEEP
  
  196608:v2+ZBdhQiexKbuXeR488Wxv/Kwf1ugFDah8dELt9/qI+tcg:9ExKuXeR4FWES7ZahHJ9iI
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.