Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4839574d3807246a5f6779f2a658f781_virlock_JC.exe
-
Size
915KB
-
Sample
230819-ssledabb66
-
MD5
4839574d3807246a5f6779f2a658f781
-
SHA1
7ac16bec3781c185e32189baf01cf4b0c101017e
-
SHA256
c3c62d89f3251859a83c919319f6a8eaef90ad35da47e697abc977e8b7de1e42
-
SHA512
87aabb2a51be67b841bfde6d7b9930a116e933aeb1ae2439205ca3520fa3db856c97bb04b8bed68da8506bc6a2ed3cec9cba8a1c120e6a6fe4d6741354f6896a
-
SSDEEP
12288:srkbeZTah2U2Q2PumWuK7I3gk47/Zb1C3EJ3+BycVcX6XE5+AtB1S++8fDUk4smF:s4CZGH2QHNG4V1CUNFuMHfik/HeN
Malware Config
Targets
-
-
Target
4839574d3807246a5f6779f2a658f781_virlock_JC.exe
-
Size
915KB
-
MD5
4839574d3807246a5f6779f2a658f781
-
SHA1
7ac16bec3781c185e32189baf01cf4b0c101017e
-
SHA256
c3c62d89f3251859a83c919319f6a8eaef90ad35da47e697abc977e8b7de1e42
-
SHA512
87aabb2a51be67b841bfde6d7b9930a116e933aeb1ae2439205ca3520fa3db856c97bb04b8bed68da8506bc6a2ed3cec9cba8a1c120e6a6fe4d6741354f6896a
-
SSDEEP
12288:srkbeZTah2U2Q2PumWuK7I3gk47/Zb1C3EJ3+BycVcX6XE5+AtB1S++8fDUk4smF:s4CZGH2QHNG4V1CUNFuMHfik/HeN
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1