Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    baritone-1.21.1-20240826.213754-1.jar

  • Size

    1.5MB

  • Sample

    240902-ex4jvssekd

  • MD5

    81b7cea89fcedad33a8e8c4430fb23f5

  • SHA1

    28d660c9dcd24208b03029e4c36708a62e49e6c0

  • SHA256

    5dee92abf17b9a96ddf1a65ec08038f3193899a4c5a8c9ad1270b75ae31c1183

  • SHA512

    01e523774fad78af4b383d55eaf8b5a568c5afa97694b20dba5630834a0a62858ea4c2dee6be69e378ab13424de53ef569833924ad79f0f357dcc0fcc221e8cb

  • SSDEEP

    49152:6UgAWlNH4wmEcFGcQrA3FTPQwl+yjrQYU0tJJR:pWlwnFt3xowl+yjD

Malware Config

Targets

    • Target

      baritone-1.21.1-20240826.213754-1.jar

    • Size

      1.5MB

    • MD5

      81b7cea89fcedad33a8e8c4430fb23f5

    • SHA1

      28d660c9dcd24208b03029e4c36708a62e49e6c0

    • SHA256

      5dee92abf17b9a96ddf1a65ec08038f3193899a4c5a8c9ad1270b75ae31c1183

    • SHA512

      01e523774fad78af4b383d55eaf8b5a568c5afa97694b20dba5630834a0a62858ea4c2dee6be69e378ab13424de53ef569833924ad79f0f357dcc0fcc221e8cb

    • SSDEEP

      49152:6UgAWlNH4wmEcFGcQrA3FTPQwl+yjrQYU0tJJR:pWlwnFt3xowl+yjD

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks