Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

image_2024...87.png

windows11-21h2-x64

Resubmissions

01/10/2024, 23:53

241001-3xnemswhrn 8

01/10/2024, 23:51

241001-3v5adawhlp 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    image_2024-10-01_165056187.png

  • Size

    60KB

  • Sample

    241001-3xnemswhrn

  • MD5

    622a08136cf22380c2502478ecf36447

  • SHA1

    671a0433a39bdf95605d946f1c6c4c2e2ed56380

  • SHA256

    e3eaff77005772603d85eb955c338eb29ed0d86f0aa5472f293a613121badb3a

  • SHA512

    03b48c0ce5b2951b020fd7b842f649779f7221c566c77e6c2a974e8d0b487bc1a767c67f5cccc78642e031b2a43807e87906ea62e9593220c8d66edff5cffc7c

  • SSDEEP

    1536:T5uNItk5QFQmw42Q5mIb5/gRZ4hWbDi92FuQJQCAw8hTmALZ:cNItk5AQV42vw/gRu0XGQlz8nZ

Score
8/10
bootkitdefense_evasiondiscoveryevasionpersistence

Malware Config

Targets

    • Target

      image_2024-10-01_165056187.png

    • Size

      60KB

    • MD5

      622a08136cf22380c2502478ecf36447

    • SHA1

      671a0433a39bdf95605d946f1c6c4c2e2ed56380

    • SHA256

      e3eaff77005772603d85eb955c338eb29ed0d86f0aa5472f293a613121badb3a

    • SHA512

      03b48c0ce5b2951b020fd7b842f649779f7221c566c77e6c2a974e8d0b487bc1a767c67f5cccc78642e031b2a43807e87906ea62e9593220c8d66edff5cffc7c

    • SSDEEP

      1536:T5uNItk5QFQmw42Q5mIb5/gRZ4hWbDi92FuQJQCAw8hTmALZ:cNItk5AQV42vw/gRu0XGQlz8nZ

    Score
    8/10
    bootkitdefense_evasiondiscoveryevasionpersistence

    • Disables Task Manager via registry modification

      evasion

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks