Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8db76fef3375fe_JC.exe
-
Size
297KB
-
Sample
230717-rv126sce95
-
MD5
8db76fef3375fea882973197cce852c6
-
SHA1
cb1a22d4813929b4d9063ab31c75120a367fbe64
-
SHA256
9baf32ae922e0fa0b0f3e396b27e506495859cf848d43457ffc1f9b936eae3f3
-
SHA512
707f7b723e6824f5de7a804185e47fb8c407cfd19a816970d2f29e045e57c643a0835f9b201f0bb5b913fc02f1fa3b66b1af80b9cc6e5263888452b2cc7296da
-
SSDEEP
3072:tnVxYx9eIshsj7YvpB9VMXvq7SMtBby18mgOWaAZdmQQi6LpWl1vCH70iv7kNZv:lYx9ShsnYgXv9MtBggOWaKtQD04
Malware Config
Targets
-
-
Target
8db76fef3375fe_JC.exe
-
Size
297KB
-
MD5
8db76fef3375fea882973197cce852c6
-
SHA1
cb1a22d4813929b4d9063ab31c75120a367fbe64
-
SHA256
9baf32ae922e0fa0b0f3e396b27e506495859cf848d43457ffc1f9b936eae3f3
-
SHA512
707f7b723e6824f5de7a804185e47fb8c407cfd19a816970d2f29e045e57c643a0835f9b201f0bb5b913fc02f1fa3b66b1af80b9cc6e5263888452b2cc7296da
-
SSDEEP
3072:tnVxYx9eIshsj7YvpB9VMXvq7SMtBby18mgOWaAZdmQQi6LpWl1vCH70iv7kNZv:lYx9ShsnYgXv9MtBggOWaKtQD04
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-