Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

0935c2fe98...33.exe

windows7-x64

1

0935c2fe98...33.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0935c2fe98240c3be9714dcd8b5293f6cac98f7f9af5f9a1a769eaed97571c33

  • Size

    57KB

  • Sample

    220919-ezjmgacacl

  • MD5

    4ace4a7d415ef311ca038fea35918645

  • SHA1

    4398b938d811aa7fcaf9804ba6a831aacad2c3ca

  • SHA256

    0935c2fe98240c3be9714dcd8b5293f6cac98f7f9af5f9a1a769eaed97571c33

  • SHA512

    9276b13478c7b695208751cab875dc3460eab25d8d0925bb605639a8424e027d25480c597c6b7ab30cdefe1b15757f1aed22f96c91f4b60078dcacd690e32807

  • SSDEEP

    1536:fFGQjNsLP13pH0XqdpC0ozlqE1vsKZK3z5v1BqnG:f8ui7z06dpC0dE1tMD5tonG

Score
10/10
jokerevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      0935c2fe98240c3be9714dcd8b5293f6cac98f7f9af5f9a1a769eaed97571c33

    • Size

      57KB

    • MD5

      4ace4a7d415ef311ca038fea35918645

    • SHA1

      4398b938d811aa7fcaf9804ba6a831aacad2c3ca

    • SHA256

      0935c2fe98240c3be9714dcd8b5293f6cac98f7f9af5f9a1a769eaed97571c33

    • SHA512

      9276b13478c7b695208751cab875dc3460eab25d8d0925bb605639a8424e027d25480c597c6b7ab30cdefe1b15757f1aed22f96c91f4b60078dcacd690e32807

    • SSDEEP

      1536:fFGQjNsLP13pH0XqdpC0ozlqE1vsKZK3z5v1BqnG:f8ui7z06dpC0dE1tMD5tonG

    Score
    10/10
    jokerevasioninfostealerpersistencetrojan

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

      infostealertrojanjoker

    • Executes dropped EXE

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks