Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0f425a4707...18.exe

windows7-x64

10

0f425a4707...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f425a4707b96550d100b3637d0bb6d0_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240503-av8nksae71

  • MD5

    0f425a4707b96550d100b3637d0bb6d0

  • SHA1

    313d5a06d35f018650fb4277aad532457022a666

  • SHA256

    91f488398d4aca958fa574fa99a1268851a4a242d81d7820aac25cec1f0eee62

  • SHA512

    42c39a4efb222cf538f80bb8da411fba2bf9cf150fb456803eca07d0e23017bf7f380dbd6673af9d29238ef19001f30096f6c138f8d6559893d3705246bb3a25

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4p1HzDgUUDh:NABa

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      0f425a4707b96550d100b3637d0bb6d0_JaffaCakes118

    • Size

      1.9MB

    • MD5

      0f425a4707b96550d100b3637d0bb6d0

    • SHA1

      313d5a06d35f018650fb4277aad532457022a666

    • SHA256

      91f488398d4aca958fa574fa99a1268851a4a242d81d7820aac25cec1f0eee62

    • SHA512

      42c39a4efb222cf538f80bb8da411fba2bf9cf150fb456803eca07d0e23017bf7f380dbd6673af9d29238ef19001f30096f6c138f8d6559893d3705246bb3a25

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5lCx7kvRWa4p1HzDgUUDh:NABa

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.