Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6812d6fba47adabb337563ca20fa84f8.bin
-
Size
1.2MB
-
Sample
240421-bmntwafe2s
-
MD5
e5198048f039c2b6e94a69c7c41897d8
-
SHA1
d5b3158576bc76fa0f8377a924885ecfe00178bd
-
SHA256
21466b223aee245b59ac52cdf7dd26beca648839a6b9753a521acbd8b04f9c78
-
SHA512
fc3732191f61ae1104ab77f3be3737747c08c7c2d80ddfeaca58733cb771dc7bb1e9f79e952b450e63fe90449b21f2f660811383e3d10ca6e8a448458c46748b
-
SSDEEP
24576:QM5lDtg1DHWUyDn3kWcUcPha+VuBpLX0X5/GSjGMy0AwK3:Q8lDtgNgDn0McZTcl0X5/TAz3
Malware Config
Targets
-
-
Target
6ac96e55099f4737d755e8caa4a03a4ad47faec1e7d133c3eb67c9a7057cd574.js
-
Size
3.8MB
-
MD5
6812d6fba47adabb337563ca20fa84f8
-
SHA1
2ab5b312c71f2a60d53c16fad7690291ea6d5bb0
-
SHA256
6ac96e55099f4737d755e8caa4a03a4ad47faec1e7d133c3eb67c9a7057cd574
-
SHA512
63d595755ddb4f6b680fb41068f285fbfa6b87d508b7efe1c2f481e70722a2d08669f15b08e362e8db0fdbd85f84796d1f1dd48717c7bf6392055dbbedfeaeae
-
SSDEEP
49152:DVz6cMuHZupT2iUkP6qOyJdCt6x9loTDW6bK53j+ji48++M0fTW/JDy4TaERYUbB:V
Score10/10-
Vjw0rm
Vjw0rm is a remote access trojan written in JavaScript.
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-