Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

7981b92240...71.exe

windows7-x64

7

7981b92240...71.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7981b92240f5a2f4b53a300592abf24a7b71b7759f273fd7ca43093cf64fbe71

  • Size

    4.8MB

  • Sample

    240901-wzerysyaml

  • MD5

    31ebd85b9d51ffe7ac3027f7621173af

  • SHA1

    048e1f1031ee5adcc43692fb478949f00ba986cf

  • SHA256

    7981b92240f5a2f4b53a300592abf24a7b71b7759f273fd7ca43093cf64fbe71

  • SHA512

    d1e4472b0632cdcdd6e8619b7347296db735512f1a25ae2c60dfb8ff5a5b89133b242b6c9901081d2d5316886d132f8b9d3b0a0ad24319a5ea29f6b9b9d6d92b

  • SSDEEP

    98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeGH:6AVw6kx2SnIe84eGH

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      7981b92240f5a2f4b53a300592abf24a7b71b7759f273fd7ca43093cf64fbe71

    • Size

      4.8MB

    • MD5

      31ebd85b9d51ffe7ac3027f7621173af

    • SHA1

      048e1f1031ee5adcc43692fb478949f00ba986cf

    • SHA256

      7981b92240f5a2f4b53a300592abf24a7b71b7759f273fd7ca43093cf64fbe71

    • SHA512

      d1e4472b0632cdcdd6e8619b7347296db735512f1a25ae2c60dfb8ff5a5b89133b242b6c9901081d2d5316886d132f8b9d3b0a0ad24319a5ea29f6b9b9d6d92b

    • SSDEEP

      98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeGH:6AVw6kx2SnIe84eGH

    Score
    7/10
    bootkitdiscoverypersistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks