General

  • Target

    f5e38aa8ccb6b846b1c6dfb42700a6a5_JaffaCakes118

  • Size

    1000KB

  • Sample

    240417-qstpmsbb8z

  • MD5

    f5e38aa8ccb6b846b1c6dfb42700a6a5

  • SHA1

    29b4e8992e9c900eb9fa6e52625ed454a8aba0cd

  • SHA256

    49c5a2607eebb86d736470a15f317f2d4684a6ef8a3eef47412147f13f4a95f3

  • SHA512

    52b47181772bed42bc532a8bb614e773c5dd6731ecb76bbacf3c2a4afea648c53cfda77a92cad344a33defa854f5405afc25bf50f49c3eec4598496459519ccc

  • SSDEEP

    24576:qwvgNIwg6Ty3X76+y2BmmCrk1B+5vMiqt0gj2ed:qwvZGz2qOL

Score
7/10

Targets

    • Target

      f5e38aa8ccb6b846b1c6dfb42700a6a5_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
