Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

HD.exe

windows7-x64

7

HD.exe

windows10-2004-x64

7

$TEMP/{tmp...ro.exe

windows7-x64

6

$TEMP/{tmp...ro.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HD.exe

  • Size

    823KB

  • Sample

    240928-mz3pcavbke

  • MD5

    814cba52bcc8cdd3405c18b867c3d7fb

  • SHA1

    b2850b23609641eaa564f122c66515ffa9ea470a

  • SHA256

    1b9718d5826acaa26e0529ad2617e32fe712d6f19d6bdd6e0cea5f755516c319

  • SHA512

    b3fa116c0376beb0de34189b31d8f8c16e2b435ee578d79145c5b96fcea5fbba6226e90d6202e658173ced216eb558a8cd787c90023193d2d4d4673e4c8ea298

  • SSDEEP

    12288:jPGAAoiHUuGx86EcuswBjWagpTdEse8bjGld4VnlOixp:VGcx86yiawdEseiiop

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      HD.exe

    • Size

      823KB

    • MD5

      814cba52bcc8cdd3405c18b867c3d7fb

    • SHA1

      b2850b23609641eaa564f122c66515ffa9ea470a

    • SHA256

      1b9718d5826acaa26e0529ad2617e32fe712d6f19d6bdd6e0cea5f755516c319

    • SHA512

      b3fa116c0376beb0de34189b31d8f8c16e2b435ee578d79145c5b96fcea5fbba6226e90d6202e658173ced216eb558a8cd787c90023193d2d4d4673e4c8ea298

    • SSDEEP

      12288:jPGAAoiHUuGx86EcuswBjWagpTdEse8bjGld4VnlOixp:VGcx86yiawdEseiiop

    Score
    7/10
    bootkitdiscoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

    • Target

      $TEMP/{tmp}/HDTunePro.exe

    • Size

      718KB

    • MD5

      a89e2c78e6dad4b81e8a1884c1e95716

    • SHA1

      813f3c1711ad8cb2f4ea7ab62a1c26d4c744cd74

    • SHA256

      acc68f63823435d26d17724ef073e6941eaebc5c7f80edc04b2063c619c510af

    • SHA512

      c4446e0bbecf073921fda2c48ae8b1cab7e9f1549b4fdbcc4a2e70e5c2a50cf09a4f439831a9f1333e8c96a8a650772fbde8676c0e88e24a9bf53e64d6c67a88

    • SSDEEP

      6144:A7x+nfVHUXyuo4Fa8Wb3fykKAPdZhDQ8+V6IEx4mWmkuIwtST+TVPTSAD6RVhQ1M:8xwVC9U9b3fyLWYVZEFdkuxpPGAAoiT

    Score
    6/10
    bootkitdiscoverypersistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks