General

  • Target

    79f52222b40053bfa4f2114578a2848c_JC.exe

  • Size

    2.5MB

  • Sample

    231012-b43z5age9z

  • MD5

    79f52222b40053bfa4f2114578a2848c

  • SHA1

    986bb2b858d535bb51a48bfd69fadb28fb10b314

  • SHA256

    ff55ed7f325774e23de32da446f4e479ba925fc5ab5020e9661c6694ab72c1d7

  • SHA512

    b1337e9fddab7e290f4e08b2a6779c2a799c5bd407fa6c85cbd86b589a92c20872bbf81d493c3c379378a22cec84de10f83e2380432fdb13f3fae9d838f4bb68

  • SSDEEP

    49152:ORw+fHVKnQnbcqnq5MkE4bOo4BkZHSjpjK3LBAgvLS:ORww3ba5MkE/DBpiL

Targets

    • Target

      79f52222b40053bfa4f2114578a2848c_JC.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
