Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
984600cb124442b3a6cccfa3fd7dad4a_virlock_JC.exe
-
Size
182KB
-
Sample
230808-s5np9sdf54
-
MD5
984600cb124442b3a6cccfa3fd7dad4a
-
SHA1
99efe726c8595e6a14fdf18af61de1cd6962d6d0
-
SHA256
3b04220c50cfe4222c6195265144848afba0e3c154a223bfe66b071231373d90
-
SHA512
5a651d8f1f3db8d154a38b35a1f36cab0d691e55bd1077d3ad0b4c09a165f63a35457aef6fb76a3495c8a5c2a5aade73657c180f9e22d519ed21b6206640276e
-
SSDEEP
3072:T0vAD4D4LpDYrAlHbcmksN0HSNppTQFmQ48iOXVabAOU4:TI2u4x/lHIWN0GTQ+0VasOU
Malware Config
Targets
-
-
Target
984600cb124442b3a6cccfa3fd7dad4a_virlock_JC.exe
-
Size
182KB
-
MD5
984600cb124442b3a6cccfa3fd7dad4a
-
SHA1
99efe726c8595e6a14fdf18af61de1cd6962d6d0
-
SHA256
3b04220c50cfe4222c6195265144848afba0e3c154a223bfe66b071231373d90
-
SHA512
5a651d8f1f3db8d154a38b35a1f36cab0d691e55bd1077d3ad0b4c09a165f63a35457aef6fb76a3495c8a5c2a5aade73657c180f9e22d519ed21b6206640276e
-
SSDEEP
3072:T0vAD4D4LpDYrAlHbcmksN0HSNppTQFmQ48iOXVabAOU4:TI2u4x/lHIWN0GTQ+0VasOU
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1