General

  • Target

    TM082.jar

  • Size

    218KB

  • Sample

    230510-jkt7wagg3x

  • MD5

    8ce728f1623127b504eebb6ca4cd320e

  • SHA1

    393070129d8632581ebc47fc3a64ab5a78dea059

  • SHA256

    bcb9043e812bab9148c235f4e131a7a8fa72d0f29c9ef390eb16c598b61b2002

  • SHA512

    c8e9fe1008ff5459075b8d9049f44e901ca8946c657f8fb505b88fd28f060b2d6112dd47802c4c552d9fd043c471ce1aed9c5d9fe4d637774ac4d1e408c03bb5

  • SSDEEP

    6144:YDGM5+YsmGv2MDy+sshp4hcjj0GO07waiyks0SlPnujRuNMA:tM+mGv2QyQ3Cn072yt9drqA

Targets

    • Target

      TM082.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
