General

  • Target

    382877d2ea21925cfc3848ead8856e65cf5d35a02b798cd6911c6160bfdbb141

  • Size

    764KB

  • Sample

    220919-qtxgxsbad6

  • MD5

    88c4e1a1d9f9118acc9c3579e4f7b663

  • SHA1

    b3aec4198939bfd6b351fb47a5c5698dc1a5cec1

  • SHA256

    382877d2ea21925cfc3848ead8856e65cf5d35a02b798cd6911c6160bfdbb141

  • SHA512

    71031a7c7c5669114594c8cbff0f518735bacdac61793a4d8875762dc5eac9c49239ff8fbc48d41743319227b8e10d5ea027b7a7bb90fd625a20aedb84c5afd5

  • SSDEEP

    12288:lmxdDo+PWNKGA9MSTaTHM6Wxxn7Jn2saxb5R50WMPZqxG598/LWG10ayy4RJRSwF:lsh1PWEPaTTWxxn52sapSBR159iWG19g

Targets

    • joker

      Joker is an Android malware that targets billing and SMS fraud.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
