Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    03087282bff4648494fad71faaf8176c_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240427-mdc7kahb6w

  • MD5

    03087282bff4648494fad71faaf8176c

  • SHA1

    2c2db6864fbd030691de8fd66eec882b5f89ffc1

  • SHA256

    32b7fdc1308d2414383dc5cda0942e84bdc3072b5157f4175254bd064b21b802

  • SHA512

    0c7e03498869a8ec16411ff76a474cdc6161d38a287114b3ccfe8c0d086ac1b8519adaa0041fca919af7c4477f728b16315c353323bbeb0dea5dd1be8420017b

  • SSDEEP

    24576:hax2z+5P9W4bveC4KuEemOw8iz5GKRgB8V9Urv0Jf:Ex2z2VDbveC4KucT8yGKe872v0Jf

Score
9/10

Malware Config

Targets

    • Target

      03087282bff4648494fad71faaf8176c_JaffaCakes118

    • Size

      1.1MB

    • MD5

      03087282bff4648494fad71faaf8176c

    • SHA1

      2c2db6864fbd030691de8fd66eec882b5f89ffc1

    • SHA256

      32b7fdc1308d2414383dc5cda0942e84bdc3072b5157f4175254bd064b21b802

    • SHA512

      0c7e03498869a8ec16411ff76a474cdc6161d38a287114b3ccfe8c0d086ac1b8519adaa0041fca919af7c4477f728b16315c353323bbeb0dea5dd1be8420017b

    • SSDEEP

      24576:hax2z+5P9W4bveC4KuEemOw8iz5GKRgB8V9Urv0Jf:Ex2z2VDbveC4KucT8yGKe872v0Jf

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks