Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

INLAB CLIENTE.exe

windows7-x64

7

INLAB CLIENTE.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6f0dd3f538a654950c8dfdf9e2a0b0b784a999f0.zip

  • Size

    3.3MB

  • Sample

    240529-v8kh5ach29

  • MD5

    f52f6b9992bf4881fa6bbac8ebaaae7a

  • SHA1

    bde7a6e9a1fd1e597e29386b130cb2ae78531855

  • SHA256

    36f6c9ab1126f0d30af8acc783d58273398fe26dab32372c8fcc13063b31861f

  • SHA512

    7028e02dcfd0da45627e19e981d4f1f42e833dd96ae5f3c7f9716165344f9dbdfd1240ec36bbff52907ad0dd6e80cb7e6f152eef234bc35c3cad29cf02e02e8f

  • SSDEEP

    49152:r9SZGMbe8gQu6kB2eZMoLIGRKoLexClI0MJUuogeIADKH0fY7pxfVMJGiMkmciyp:r9pUKrBcoUGekfCoJIADC0fYlxtTxG

Score
7/10
bootkitpersistencevmprotect

Malware Config

Targets

    • Target

      INLAB CLIENTE.rar

    • Size

      3.5MB

    • MD5

      080c2c3d5cc7ab1029f12d08b403cc50

    • SHA1

      6f0dd3f538a654950c8dfdf9e2a0b0b784a999f0

    • SHA256

      84ff9bc30a5062515928c38b3bee7b0b3976c3089e25e3784bd4e78256f36cf1

    • SHA512

      ef08eba8ee065777cc77a9191ee0658e015cecceb0fa7fe26555fa600660d9c0e4a7af746ad870faccc6953cfc39f2af713ddc9a5e102e2fb66669bc3cf0602e

    • SSDEEP

      98304:ZUSkVbU8a86PGZ/ITGVKdigkgxFquID206I3zv4IF5:OSwa86OVIT2qirg0J3zwg

    Score
    7/10
    bootkitpersistencevmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks