Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

56f0655ece...2c.exe

windows7-x64

8

56f0655ece...2c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    56f0655ece61e37c2bb8d6c24ebbe958f3b4423e69ac85474b0a840a9e66732c

  • Size

    253KB

  • Sample

    240822-bn23wsvcpm

  • MD5

    5ae58f7f53174ab6d40e73dc6fec8f60

  • SHA1

    3ba8d0ae3466890d2f13740b33a15b77d268e8d9

  • SHA256

    56f0655ece61e37c2bb8d6c24ebbe958f3b4423e69ac85474b0a840a9e66732c

  • SHA512

    676c12f0963100220b88eda58c87a544ad78616be47f03bbc912c1429ec750c82c97f6c7ec2724bf33d1a6ac82de6103e8325a99d8d015c79cc48ccfd35a1362

  • SSDEEP

    3072:YKs2murv7P87bIW89bUnOF+Pzb2bXk1/EBW3i59+Y9f2BSvupDhpbNDvPTzBDhsd:YTurvj0MUnP2bXe/EA3hYQou/pxkpRZ7

Score
8/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      56f0655ece61e37c2bb8d6c24ebbe958f3b4423e69ac85474b0a840a9e66732c

    • Size

      253KB

    • MD5

      5ae58f7f53174ab6d40e73dc6fec8f60

    • SHA1

      3ba8d0ae3466890d2f13740b33a15b77d268e8d9

    • SHA256

      56f0655ece61e37c2bb8d6c24ebbe958f3b4423e69ac85474b0a840a9e66732c

    • SHA512

      676c12f0963100220b88eda58c87a544ad78616be47f03bbc912c1429ec750c82c97f6c7ec2724bf33d1a6ac82de6103e8325a99d8d015c79cc48ccfd35a1362

    • SSDEEP

      3072:YKs2murv7P87bIW89bUnOF+Pzb2bXk1/EBW3i59+Y9f2BSvupDhpbNDvPTzBDhsd:YTurvj0MUnP2bXe/EA3hYQou/pxkpRZ7

    Score
    8/10
    bootkitdiscoverypersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks