General
Target: JJSploit Installer.exe
Size: 50.0MB
Sample: 230208-p1c67aab91
MD5: 662d26b4e627e44a0da5e5e99fa41942
SHA1: 93ea678ba8449bfdfd7a26e82fae39f00185e8d8
SHA256: 30e248df598327c72d4f293fe8e69dd11e91494476e9ae56557bce939833bb7b
SHA512: 284078b1afaf2ff213aecf30fb298a6cf026cbf884227bc6864fedc60a40770a264a3b1a601b9fc1094e9bf1d8a0213359841631e5c83f1232c7db08a6b72cda
SSDEEP: 1572864:G78WsLBU07HgOYzXNfeZtTJt0mwS8LlMUzD2:G78WGBU0036T7mLlMUzK
Static task: static1
Behavioral task: behavioral1
Sample: JJSploit Installer.exe
Resource: win10-20220812-en
Malware Config
Targets
Target: JJSploit Installer.exe
Size: 50.0MB
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2