General

  • Target

    JJSploit Installer.exe

  • Size

    50.0MB

  • Sample

    230208-p1c67aab91

  • MD5

    662d26b4e627e44a0da5e5e99fa41942

  • SHA1

    93ea678ba8449bfdfd7a26e82fae39f00185e8d8

  • SHA256

    30e248df598327c72d4f293fe8e69dd11e91494476e9ae56557bce939833bb7b

  • SHA512

    284078b1afaf2ff213aecf30fb298a6cf026cbf884227bc6864fedc60a40770a264a3b1a601b9fc1094e9bf1d8a0213359841631e5c83f1232c7db08a6b72cda

  • SSDEEP

    1572864:G78WsLBU07HgOYzXNfeZtTJt0mwS8LlMUzD2:G78WGBU0036T7mLlMUzK

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2
