Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

Windows Lo...er.exe

windows7-x64

Windows Lo...er.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MDE_File_Sample_f901feefe2dd5ab8145211305d94a7e3e5389774.zip

  • Size

    1.6MB

  • Sample

    240529-k8ww2shg9v

  • MD5

    23747b475f6e1a0a31540677fc5873d2

  • SHA1

    c10af862b94c874958ecb062eda36a2ca63e46f7

  • SHA256

    d0972f1f8df58954c5812e3394cf9dd94049809b9168b536c505a68a18563397

  • SHA512

    07f72cbf31964cbcc0e34b0eafa378ebcd989a4f21c098b55eeae2ea2523bfb5fb693cbd7a249ce088eda559abd9ef4f2dc7e4378c048a285c0e6a30cedab749

  • SSDEEP

    24576:4PYw5qTxWdYkbqna1KzcDikumbRuuBE2EE0rzu0FnOZfJRB0/84Rd6GoWMTRA5Z4:475VdYJaM4u5LB9zpOhXB0E4RdgWMTRr

Score
8/10
discoveryexploitupx

Malware Config

Targets

    • Target

      Windows Loader/Windows Loader.exe

    • Size

      3.8MB

    • MD5

      3976bd5fcbb7cd13f0c12bb69afc2adc

    • SHA1

      3b6bdca414a53df7c8c5096b953c4df87a1091c7

    • SHA256

      bf5070ef8cf03a11d25460b3e09a479183cc0fa03d0ea32e4499998f509b1a40

    • SHA512

      0e34171ea0118f4487bc78954b9a388eac9ee203323e86746616c746a1543b8c4190397fc578d8fc5dd1e151862172fd1c444a42d4b59c18551959c2a19cf341

    • SSDEEP

      49152:wEYCFEfn+4NWcNKg/ngk4mY0bI1Wymfgvn81yJffTpuWV355FXw/+cuWV355FXwm:wEYz38cgg/ngk4mYfA7fgvn812nv

    Score
    8/10
    discoveryexploitupx

    • Possible privilege escalation attempt

      exploit

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Modifies file permissions

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks