General

  • Target

    JJSploit_8.10.7_x64-setup.nsis.zip

  • Size

    5.7MB

  • Sample

    241014-vm8c3awcqb

  • MD5

    8981cd26e588223069f3312444be6cc8

  • SHA1

    cce203a689135cc6a1c79c8c543be5839f7d43e0

  • SHA256

    4962e32eda2ccd7238948bf579c629a2e70c9bf5a029aa79abac01da119c4414

  • SHA512

    3fff093f1f41e84963495919eeb4a1fc43cead24e1ae12eb3d761a1865c28ec8ad20dd7a44b1eb8d4420dd22a5eaf7714a6727706fe2dfbfc6a10272ce20045e

  • SSDEEP

    98304:frPwHVCta3WJ3eKrvOsbroYIknJ0a/eFuwsqQkHOkb5DSnum1YmDhnu5NHxHDb4R:fyMAzKrv5raUJ32kbTlSD16ACG7q

Score
10/10

Targets

    • Target

      JJSploit_8.10.7_x64-setup.exe

    • Size

      5.7MB

    • MD5

      87bece829aec9cd170070742f5cc2db7

    • SHA1

      0a5d48a24e730dec327f08dfe86f79cc7991563e

    • SHA256

      88a19d3e027158e8c66d5068303532a0d56a700f718db80aa97e5e44f39bf4a4

    • SHA512

      198c80d4b430a38ac597ff9023128cdbc9d2891097beef239721c330c75a412c0bdb87a4bfb0609db94f320655f3df1fab7d885843c0af40687e46ddcc88c9d1

    • SSDEEP

      98304:hrPwHVCta3WJ3eKrvOsbroYIknJ0a/eFuwsqQkHOkb5DSnum1YmDhnu5NHxHDb4I:hyMAzKrv5raUJ32kbTlSD16ACG7x

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Network Share Discovery

      Attempt to gather information on host network.
