General
-
Target
JJSploit_8.10.7_x64-setup.nsis.zip
-
Size
5.7MB
-
Sample
241014-vm8c3awcqb
-
MD5
8981cd26e588223069f3312444be6cc8
-
SHA1
cce203a689135cc6a1c79c8c543be5839f7d43e0
-
SHA256
4962e32eda2ccd7238948bf579c629a2e70c9bf5a029aa79abac01da119c4414
-
SHA512
3fff093f1f41e84963495919eeb4a1fc43cead24e1ae12eb3d761a1865c28ec8ad20dd7a44b1eb8d4420dd22a5eaf7714a6727706fe2dfbfc6a10272ce20045e
-
SSDEEP
98304:frPwHVCta3WJ3eKrvOsbroYIknJ0a/eFuwsqQkHOkb5DSnum1YmDhnu5NHxHDb4R:fyMAzKrv5raUJ32kbTlSD16ACG7q
Static task
static1
Behavioral task
behavioral1
Sample
JJSploit_8.10.7_x64-setup.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JJSploit_8.10.7_x64-setup.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
JJSploit_8.10.7_x64-setup.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral4
Sample
JJSploit_8.10.7_x64-setup.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
JJSploit_8.10.7_x64-setup.exe
-
Size
5.7MB
-
MD5
87bece829aec9cd170070742f5cc2db7
-
SHA1
0a5d48a24e730dec327f08dfe86f79cc7991563e
-
SHA256
88a19d3e027158e8c66d5068303532a0d56a700f718db80aa97e5e44f39bf4a4
-
SHA512
198c80d4b430a38ac597ff9023128cdbc9d2891097beef239721c330c75a412c0bdb87a4bfb0609db94f320655f3df1fab7d885843c0af40687e46ddcc88c9d1
-
SSDEEP
98304:hrPwHVCta3WJ3eKrvOsbroYIknJ0a/eFuwsqQkHOkb5DSnum1YmDhnu5NHxHDb4I:hyMAzKrv5raUJ32kbTlSD16ACG7x
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-