36a1c62a9805eb71d96ac0e7bd19f1795bebc4286c1a9262a1034229c8bc1c13 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

36a1c62a98...13.exe

windows7-x64

7

36a1c62a98...13.exe

windows10-2004-x64

7

Sharing

General

Target

36a1c62a9805eb71d96ac0e7bd19f1795bebc4286c1a9262a1034229c8bc1c13
Size

6.3MB
Sample

240911-q94wyatgnn
MD5

73d292e9d7247dc1983d6d75add501d6
SHA1

94319eb3e9233ada62bac5ce34e65e3f2c33366b
SHA256

36a1c62a9805eb71d96ac0e7bd19f1795bebc4286c1a9262a1034229c8bc1c13
SHA512

82f48bc07304b92b430e63e27ef70dde9acccc61d97a7176eafe8fc4a536e2f7718a32fc7c82c52bb888b27ad39204172e2c7ab41449b7b9983fe04ad77643ba
SSDEEP

98304:Q1ROYXnwB6N/g2mCw6cB27OgUWZHw7saFCKuJJBAUZLRxa:0XwBjJff2sWGFCKsJV1xa

Score

7^/10

bootkit discovery persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

36a1c62a9805eb71d96ac0e7bd19f1795bebc4286c1a9262a1034229c8bc1c13.exe

Resource

win7-20240903-en

bootkit discovery persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

36a1c62a9805eb71d96ac0e7bd19f1795bebc4286c1a9262a1034229c8bc1c13.exe

Resource

win10v2004-20240802-en

bootkit discovery persistence upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  36a1c62a9805eb71d96ac0e7bd19f1795bebc4286c1a9262a1034229c8bc1c13
- Size
  
  6.3MB
- MD5
  
  73d292e9d7247dc1983d6d75add501d6
- SHA1
  
  94319eb3e9233ada62bac5ce34e65e3f2c33366b
- SHA256
  
  36a1c62a9805eb71d96ac0e7bd19f1795bebc4286c1a9262a1034229c8bc1c13
- SHA512
  
  82f48bc07304b92b430e63e27ef70dde9acccc61d97a7176eafe8fc4a536e2f7718a32fc7c82c52bb888b27ad39204172e2c7ab41449b7b9983fe04ad77643ba
- SSDEEP
  
  98304:Q1ROYXnwB6N/g2mCw6cB27OgUWZHw7saFCKuJJBAUZLRxa:0XwBjJff2sWGFCKsJV1xa
Score

7^/10

bootkit discovery persistence upx
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistenceupx

behavioral2

bootkitdiscoverypersistenceupx

© 2018-2025

Terms | Privacy