Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

145fef85c8...18.exe

windows7-x64

8

145fef85c8...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    145fef85c878f425d4ce9cd0dda21528_JaffaCakes118

  • Size

    16.2MB

  • Sample

    240504-zcaq9sae6y

  • MD5

    145fef85c878f425d4ce9cd0dda21528

  • SHA1

    2dec292c5e93c3284c1b0f14408dd42bfc0167fc

  • SHA256

    034fe030f12edbc41527f20a5a29731b833101117973b723e7fb816458ee44ad

  • SHA512

    d663e3c5db06ba610109e2fed924480f2f130c666fe55be6552ea8a9eb93cc8184ab3de8a10b8ecd41dda26e41905605a44d61e49fd08c079dccc522afdc90c4

  • SSDEEP

    98304:XX77GBfWZ5KYOXwnS4rVQSoYOXwnS4rVt3:vGBfWZJIz8IE

Score
8/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      145fef85c878f425d4ce9cd0dda21528_JaffaCakes118

    • Size

      16.2MB

    • MD5

      145fef85c878f425d4ce9cd0dda21528

    • SHA1

      2dec292c5e93c3284c1b0f14408dd42bfc0167fc

    • SHA256

      034fe030f12edbc41527f20a5a29731b833101117973b723e7fb816458ee44ad

    • SHA512

      d663e3c5db06ba610109e2fed924480f2f130c666fe55be6552ea8a9eb93cc8184ab3de8a10b8ecd41dda26e41905605a44d61e49fd08c079dccc522afdc90c4

    • SSDEEP

      98304:XX77GBfWZ5KYOXwnS4rVQSoYOXwnS4rVt3:vGBfWZJIz8IE

    Score
    8/10
    discoverypersistencespywarestealer

    • Contacts a large (746) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks