Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JJSploit_7.2.0_x86_en-US.msi
-
Size
5.8MB
-
Sample
230608-wvml1ahd92
-
MD5
7522424ea68e64621cd8a81f1eb71e2a
-
SHA1
d4b84e4f586127cf15715c99f2d5e66ce953bc64
-
SHA256
7d4a960a6a46db69576a7e3717fef7872f873a0fb5b1e6fea2b2341baa18f36e
-
SHA512
0305ac4dc857ae77e5da11bab0eb0334697cae70681648945eb6f73325c5eb303de6cc21fe8cec8f90540a6acc2d96a8915ee420e5c8219a7711a8f781241429
-
SSDEEP
98304:6YGaxzW1K/3a9xtLMlrgUhWHaF1CYddUCa59/fcL+j4/zyh1kP0K6MFToDmgsUST:yqzWEALwLekTdE/fcO4/SpKnFWoPimc
Static task
static1
Behavioral task
behavioral1
Sample
JJSploit_7.2.0_x86_en-US.msi
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
JJSploit_7.2.0_x86_en-US.msi
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
JJSploit_7.2.0_x86_en-US.msi
-
Size
5.8MB
-
MD5
7522424ea68e64621cd8a81f1eb71e2a
-
SHA1
d4b84e4f586127cf15715c99f2d5e66ce953bc64
-
SHA256
7d4a960a6a46db69576a7e3717fef7872f873a0fb5b1e6fea2b2341baa18f36e
-
SHA512
0305ac4dc857ae77e5da11bab0eb0334697cae70681648945eb6f73325c5eb303de6cc21fe8cec8f90540a6acc2d96a8915ee420e5c8219a7711a8f781241429
-
SSDEEP
98304:6YGaxzW1K/3a9xtLMlrgUhWHaF1CYddUCa59/fcL+j4/zyh1kP0K6MFToDmgsUST:yqzWEALwLekTdE/fcO4/SpKnFWoPimc
Score8/10-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-