General

  • Target

    29a20515e8e82ebfaa714e22cb4f77bb09db3c78bee3e3f5d4243cd735df85c1

  • Size

    310KB

  • Sample

    220919-hmcj6sghdq

  • MD5

    793327e861ff1bc78d510117eaa27670

  • SHA1

    5528ca6d10b08c1f0b65b653e6b67aa024e71ece

  • SHA256

    29a20515e8e82ebfaa714e22cb4f77bb09db3c78bee3e3f5d4243cd735df85c1

  • SHA512

    7466d94b003a99d9e8b1731cd9b61ebabe68475509d5d13d457763c70de02fc2ee027edf431a8fb3a97544ed189379ff50f53cdac25a12b76e7079934cbcec37

  • SSDEEP

    6144:QFxJ85QlW5suGZ4HIy72pXHfDRH0G3B5jAPjsBpb0rAy+YJ1:W62W5suOMIX/DVXB587sBpb0rNz

Targets

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Drops file in System32 directory
