General

  • Target

    8db76fef3375fe_JC.exe

  • Size

    297KB

  • Sample

    230717-rv126sce95

  • MD5

    8db76fef3375fea882973197cce852c6

  • SHA1

    cb1a22d4813929b4d9063ab31c75120a367fbe64

  • SHA256

    9baf32ae922e0fa0b0f3e396b27e506495859cf848d43457ffc1f9b936eae3f3

  • SHA512

    707f7b723e6824f5de7a804185e47fb8c407cfd19a816970d2f29e045e57c643a0835f9b201f0bb5b913fc02f1fa3b66b1af80b9cc6e5263888452b2cc7296da

  • SSDEEP

    3072:tnVxYx9eIshsj7YvpB9VMXvq7SMtBby18mgOWaAZdmQQi6LpWl1vCH70iv7kNZv:lYx9ShsnYgXv9MtBggOWaKtQD04

Targets

    • Target

      8db76fef3375fe_JC.exe

    • Modifies visibility of file extensions in Explorer

      Changes the Explorer setting that controls whether known file extensions are shown; with extensions hidden, a dropped executable named like a document (for example invoice.pdf.exe) is displayed as invoice.pdf.

    • UAC bypass

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence so the sample can refuse to run in particular regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application

      Registers the program under a CurrentVersion\Run key so it is launched again at each logon (persistence).

    • Drops file in System32 directory

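Added example by the editor, not Triage's own signature logic and not code from the sample: a small Python checker that applies the registry behaviours listed above to constructed registry-access events in the shape of Sysmon Event ID 13 (value set) records, so a responder can run the same checks over their own host telemetry. The HideFileExt, EnableLUA and CurrentVersion\Run locations are standard Windows values; that the sample reads HKCU\Control Panel\International\Geo\Nation for its location check, the dropped file name, and the ATT&CK technique mapping are the editor's assumptions, not facts stated by the report.

```python
"""Registry-behaviour checks matching the sandbox signatures above.

Editor's example; not part of the Triage report or the analysed sample.
Operates on constructed events so it runs offline.
"""
from __future__ import annotations
from dataclasses import dataclass

# Standard Windows locations behind three of the report's signatures.
HIDE_FILE_EXT = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt"
ENABLE_LUA = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"
RUN_KEYS = (
    r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
)
# Assumption: the "computer location settings" read is the GeoID nation value.
GEO_NATION = r"HKCU\Control Panel\International\Geo\Nation"

# Editor's ATT&CK mapping (the report lists no techniques); HideFileExt has
# no exact sub-technique and is deliberately left unmapped.
ATTACK = {
    "run-key-persistence": "T1547.001",
    "uac-disabled": "T1548.002",
    "location-check": "T1614",
    "hide-file-extensions": None,
}


@dataclass(frozen=True)
class RegEvent:
    op: str                 # "SetValue" or "QueryValue"
    image: str              # process that performed the access
    target: str             # full registry path including the value name
    data: str | None = None  # new data for SetValue, None for QueryValue


def _norm(path: str) -> str:
    # Registry paths are case-insensitive. Real Sysmon logs name the user hive
    # HKU\<SID> rather than HKCU; a production rule would fold that too.
    return path.lower().rstrip("\\")


def classify(ev: RegEvent) -> list[str]:
    """Return the signature names a single registry event triggers."""
    t = _norm(ev.target)
    hits: list[str] = []
    if ev.op == "SetValue":
        # Only hiding extensions (1) is suspicious; a user showing them (0) is not.
        if t == _norm(HIDE_FILE_EXT) and ev.data == "1":
            hits.append("hide-file-extensions")
        # EnableLUA=0 disables UAC outright; other bypass techniques are not covered here.
        if t == _norm(ENABLE_LUA) and ev.data == "0":
            hits.append("uac-disabled")
        if any(t.startswith(_norm(k) + "\\") for k in RUN_KEYS):
            hits.append("run-key-persistence")
    elif ev.op == "QueryValue" and t == _norm(GEO_NATION):
        hits.append("location-check")
    return hits


def triage(events: list[RegEvent]) -> dict[str, set[str]]:
    """Map each triggered signature to the set of process images responsible."""
    found: dict[str, set[str]] = {}
    for ev in events:
        for sig in classify(ev):
            found.setdefault(sig, set()).add(ev.image)
    return found


# Constructed events (not sandbox output). The dropped file name is a placeholder.
ORIGINAL = r"C:\Users\victim\Desktop\8db76fef3375fe_JC.exe"
DROPPED = r"C:\Windows\System32\dropped_placeholder.exe"
SAMPLE_EVENTS = [
    RegEvent("QueryValue", ORIGINAL, GEO_NATION),
    RegEvent("SetValue", DROPPED, HIDE_FILE_EXT, "1"),
    RegEvent("SetValue", DROPPED, ENABLE_LUA, "0"),
    RegEvent("SetValue", DROPPED, RUN_KEYS[0] + r"\Updater", DROPPED),
    # Benign noise: a user enabling extension display, and an unrelated Explorer setting.
    RegEvent("SetValue", r"C:\Windows\explorer.exe", HIDE_FILE_EXT, "0"),
    RegEvent("SetValue", r"C:\Windows\explorer.exe",
             r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden", "1"),
]

if __name__ == "__main__":
    for sig, images in sorted(triage(SAMPLE_EVENTS).items()):
        print(f"{sig:22} {ATTACK.get(sig) or '-':10} {', '.join(sorted(images))}")
```

The EnableLUA check only matches the "disable UAC via policy" case; the sandbox's "UAC bypass" signature may fire on other mechanisms (for example auto-elevating COM objects or fodhelper-style hijacks), so on real telemetry treat its absence here as "not this variant" rather than "no bypass". The benign events show why the data value matters: the same HideFileExt write with data 0 is a user making extensions visible and must not alert.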