Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-06-04...ar.exe

windows7-x64

7

2024-06-04...ar.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-06-04_22b1b1b018a54a257e90e4c110252150_huhk_icedid_vidar

  • Size

    17.4MB

  • Sample

    240604-taygnaca9y

  • MD5

    22b1b1b018a54a257e90e4c110252150

  • SHA1

    60e6a228d43c0fd8231fdbc619e3da1f2e052a46

  • SHA256

    ba537d9a4ba0f5a69a9cb5932c0e077855176ad22ce88daabe6e6087bc22ea18

  • SHA512

    f7c1e10ae85f2ad74e404e78d225ee94a9300cd7e5773a33c8a4546077ef842a8a1fd06ac4d4c28982928eeb6f8e91f3eafaafcc623bd056555f735250aecfa0

  • SSDEEP

    393216:4rRto5Hz2de6I1b4KCm5Odj2GxHD958JUOsFqszcRtqfZQi4/:oRtCbt6aijlFL+Afq

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      2024-06-04_22b1b1b018a54a257e90e4c110252150_huhk_icedid_vidar

    • Size

      17.4MB

    • MD5

      22b1b1b018a54a257e90e4c110252150

    • SHA1

      60e6a228d43c0fd8231fdbc619e3da1f2e052a46

    • SHA256

      ba537d9a4ba0f5a69a9cb5932c0e077855176ad22ce88daabe6e6087bc22ea18

    • SHA512

      f7c1e10ae85f2ad74e404e78d225ee94a9300cd7e5773a33c8a4546077ef842a8a1fd06ac4d4c28982928eeb6f8e91f3eafaafcc623bd056555f735250aecfa0

    • SSDEEP

      393216:4rRto5Hz2de6I1b4KCm5Odj2GxHD958JUOsFqszcRtqfZQi4/:oRtCbt6aijlFL+Afq

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks