Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

e9f7251adf...18.exe

windows7-x64

10

e9f7251adf...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e9f7251adf63ca905ff1423def163df5_JaffaCakes118

  • Size

    220KB

  • Sample

    240409-pelw7shh9y

  • MD5

    e9f7251adf63ca905ff1423def163df5

  • SHA1

    e2582bd560f0e7461d0c43b3b305f0365d7761e6

  • SHA256

    aa778f939977b80f87a04747721eabaeae4ab5e09d5eb2178ee650f2c3f96dd6

  • SHA512

    ee18284b5cba717cd57173f03381a4ed3d4c416375370d9c7415fcaa0c63396de4c7999c516a1dfd5ba69e7511898163273a73d6a8818eb10ae854557d69ab81

  • SSDEEP

    1536:c3bsEIbdCdWMGEd/OUD4k3oAm0uKBBi58YpcJ/NsnXUIL6UwGug7LB7hrqH84Jao:Lby2GXFfYEWnEY6URBV/4O+L9VVpWvQ

Score
10/10
vobfuspersistenceupxworm

Malware Config

Targets

    • Target

      e9f7251adf63ca905ff1423def163df5_JaffaCakes118

    • Size

      220KB

    • MD5

      e9f7251adf63ca905ff1423def163df5

    • SHA1

      e2582bd560f0e7461d0c43b3b305f0365d7761e6

    • SHA256

      aa778f939977b80f87a04747721eabaeae4ab5e09d5eb2178ee650f2c3f96dd6

    • SHA512

      ee18284b5cba717cd57173f03381a4ed3d4c416375370d9c7415fcaa0c63396de4c7999c516a1dfd5ba69e7511898163273a73d6a8818eb10ae854557d69ab81

    • SSDEEP

      1536:c3bsEIbdCdWMGEd/OUD4k3oAm0uKBBi58YpcJ/NsnXUIL6UwGug7LB7hrqH84Jao:Lby2GXFfYEWnEY6URBV/4O+L9VVpWvQ

    Score
    10/10
    vobfuspersistenceupxworm

    • Vobfus

      A widespread worm which spreads via network drives and removable media.

      wormvobfus

    • Adds policy Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks