Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
85969e612cc295_JC.exe
-
Size
294KB
-
Sample
230717-p8zedsca39
-
MD5
85969e612cc2957f0ebd355b440b7985
-
SHA1
4cb45ca620930efe1f6ff0f6c77f81b6c3cbad94
-
SHA256
77331e04422facb7b64a64d0fe695ef86a4b41983061b6d747c4711ffc29e421
-
SHA512
fe64965b482e8d58060d2a3442e6b2ddaf9d0dec12c60c5636ae5a5ce04da1a3a8886346f15904f7f65aaa04c43ddd73165a17efa6e95308f01bbae6762afa35
-
SSDEEP
6144:MZQ8mak00JUWTfwZXl2eQ6kcvj9dv429k1OL/cQ8jxUQ5egNlEz:SQ8PKTwRM6kcvRTkcL/1exUQ5x
Malware Config
Targets
-
-
Target
85969e612cc295_JC.exe
-
Size
294KB
-
MD5
85969e612cc2957f0ebd355b440b7985
-
SHA1
4cb45ca620930efe1f6ff0f6c77f81b6c3cbad94
-
SHA256
77331e04422facb7b64a64d0fe695ef86a4b41983061b6d747c4711ffc29e421
-
SHA512
fe64965b482e8d58060d2a3442e6b2ddaf9d0dec12c60c5636ae5a5ce04da1a3a8886346f15904f7f65aaa04c43ddd73165a17efa6e95308f01bbae6762afa35
-
SSDEEP
6144:MZQ8mak00JUWTfwZXl2eQ6kcvj9dv429k1OL/cQ8jxUQ5egNlEz:SQ8PKTwRM6kcvRTkcL/1exUQ5x
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-