General
Target: d2b1737eaf8b350b00066c617a08a95f33e0c723a7ec3f57c44a08c90b2d9af2
Size: 2.4MB
Sample: 241009-rdywgs1aqb
MD5: 9c32deb8780079214cd748bc4acdecf7
SHA1: abe4b289dc806da27b10125404843c980766e92b
SHA256: d2b1737eaf8b350b00066c617a08a95f33e0c723a7ec3f57c44a08c90b2d9af2
SHA512: 3e95c5543f98cf21a74c107f3f011cf1817f66a830bdb1bca29139ae22c08ae9d7880c9bb80e3038ac65f3eb229e5d902aec89d2a4639dc848949205ec87694e
SSDEEP: 12288:bjC4uGeKraJ9HgocWf9L8UUq836PcL5TdCM3faA:bjC4uGeB9HZ9Ic8mcL5TdCu
Static task: static1
Behavioral task: behavioral1
Sample: d2b1737eaf8b350b00066c617a08a95f33e0c723a7ec3f57c44a08c90b2d9af2.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d2b1737eaf8b350b00066c617a08a95f33e0c723a7ec3f57c44a08c90b2d9af2.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: d2b1737eaf8b350b00066c617a08a95f33e0c723a7ec3f57c44a08c90b2d9af2
Score: 7/10

Loads dropped DLL

Checks for any installed AV software in registry

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 1
Pre-OS Boot: 1
Bootkit: 1
Subvert Trust Controls: 1
Install Root Certificate: 1