General

  • Target

    JJSploit_7.2.0_x86_en-US.msi

  • Size

    5.8MB

  • Sample

    230608-wvml1ahd92

  • MD5

    7522424ea68e64621cd8a81f1eb71e2a

  • SHA1

    d4b84e4f586127cf15715c99f2d5e66ce953bc64

  • SHA256

    7d4a960a6a46db69576a7e3717fef7872f873a0fb5b1e6fea2b2341baa18f36e

  • SHA512

    0305ac4dc857ae77e5da11bab0eb0334697cae70681648945eb6f73325c5eb303de6cc21fe8cec8f90540a6acc2d96a8915ee420e5c8219a7711a8f781241429

  • SSDEEP

    98304:6YGaxzW1K/3a9xtLMlrgUhWHaF1CYddUCa59/fcL+j4/zyh1kP0K6MFToDmgsUST:yqzWEALwLekTdE/fcO4/SpKnFWoPimc

Score
8/10

Targets

    • Target

      JJSploit_7.2.0_x86_en-US.msi

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.
