Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

jsm_sas.rbxm

windows10-1703-x64

Resubmissions

28/08/2024, 00:19 UTC

240828-amfylaxhja 1

28/08/2024, 00:19 UTC

240828-al8bfsxgrd 1

28/08/2024, 00:04 UTC

240828-actrpszakp 8

28/08/2024, 00:01 UTC

240828-aa6cqaxerd 5

27/08/2024, 23:49 UTC

240827-3t17bsxdpe 7

27/08/2024, 23:36 UTC

240827-3lzzasydrr 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    jsm_sas.rbxm

  • Size

    592KB

  • Sample

    240827-3t17bsxdpe

  • MD5

    8868b47dca5975929f896e93d0c7d52c

  • SHA1

    65783e973c97fd74d9d4ae131a77edb5e69ab909

  • SHA256

    c88161c58bfec207c4a9da9598d24a6a4cdc83e81a123bf3c38c188f03bfad62

  • SHA512

    e8388afb220b48d9a6fa8d32cc652258307ddfb39fdfcf5e9d5a631f23ff6ab005c3be371d1d2e015e1db8a4fa1b5cf306e52f4f77c075da58316aaa245223f3

  • SSDEEP

    12288:WLaIb4s0L6cI58hGQDcrPyavp7R1R0Fb7ptJLZilvQbp:WLaV1e0cPyE7R1wb7o8

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      jsm_sas.rbxm

    • Size

      592KB

    • MD5

      8868b47dca5975929f896e93d0c7d52c

    • SHA1

      65783e973c97fd74d9d4ae131a77edb5e69ab909

    • SHA256

      c88161c58bfec207c4a9da9598d24a6a4cdc83e81a123bf3c38c188f03bfad62

    • SHA512

      e8388afb220b48d9a6fa8d32cc652258307ddfb39fdfcf5e9d5a631f23ff6ab005c3be371d1d2e015e1db8a4fa1b5cf306e52f4f77c075da58316aaa245223f3

    • SSDEEP

      12288:WLaIb4s0L6cI58hGQDcrPyavp7R1R0Fb7ptJLZilvQbp:WLaV1e0cPyE7R1wb7o8

    Score
    7/10
    discoverypersistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.