Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1be315a12dc5accb6994f156aff85bd0_exe32_JC.exe
-
Size
343KB
-
Sample
231015-wh4praab5s
-
MD5
1be315a12dc5accb6994f156aff85bd0
-
SHA1
c9d6f74a053e1b2aa5d1e4f111b0ae93d78eab68
-
SHA256
99ef90d73c8081285e4c8698e772d78bdc340b668cfd955fb19d64db8d05aebe
-
SHA512
7de51aa85839a183cb49967116e56573e86b3fb325c0192bb4b1b7f6ba10b5cb87ede7b006c2f3ac5373dbcf98c7463684519624a8639d42be8d953d9b149de7
-
SSDEEP
6144:JjluyDM3Io5R4nM/40yJN804J5HfAW/HXPF4gbXnr8+2kvrHflmf6EvRwaPv2yp3:JEyDMhqh2JhfA+Db8+2kjHflraPJB
Malware Config
Targets
-
-
Target
1be315a12dc5accb6994f156aff85bd0_exe32_JC.exe
-
Size
343KB
-
MD5
1be315a12dc5accb6994f156aff85bd0
-
SHA1
c9d6f74a053e1b2aa5d1e4f111b0ae93d78eab68
-
SHA256
99ef90d73c8081285e4c8698e772d78bdc340b668cfd955fb19d64db8d05aebe
-
SHA512
7de51aa85839a183cb49967116e56573e86b3fb325c0192bb4b1b7f6ba10b5cb87ede7b006c2f3ac5373dbcf98c7463684519624a8639d42be8d953d9b149de7
-
SSDEEP
6144:JjluyDM3Io5R4nM/40yJN804J5HfAW/HXPF4gbXnr8+2kvrHflmf6EvRwaPv2yp3:JEyDMhqh2JhfA+Db8+2kjHflraPJB
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-