General

  • Target

    2b1ce56281a19db90437c5cae64b58a5_JaffaCakes118

  • Size

    2.4MB

  • Sample

    240509-v8xhpaeb9z

  • MD5

    2b1ce56281a19db90437c5cae64b58a5

  • SHA1

    6b95f8ab5532d7d8f7902500b784fc70aab26f1a

  • SHA256

    fde9faf609edf8a8bce2146216b3e7e78009e3cc801fa74ef13bec161255fee1

  • SHA512

    072806d253c92319b517450e1fb1fe64d90a9da3eb5eeff7698f16cecc94ddc74ec16a20e37efa61348c42a4d8746a0c61d63686e754dad452648fe4ea6a482b

  • SSDEEP

    49152:98oitLC6Ij4KXwmT9M+0rfrMJ5ywiG8OVClcvtZTL6BMxiG2PROCUgpK4j:iLdCrjXwohurGeG8OVClvY2zCW

Score

7/10

Malware Config

Targets

    • Target

      SkinH_EL.dll

    • Size

      86KB

    • MD5

      147127382e001f495d1842ee7a9e7912

    • SHA1

      92d1ed56032183c75d4b57d7ce30b1c4ae11dc9b

    • SHA256

      edf679c02ea2e170e67ab20dfc18558e2bfb4ee5d59eceeaea4b1ad1a626c3cc

    • SHA512

      97f5ae90a1bbacfe39b9e0f2954c24f9896cc9dca9d14364c438862996f3bbc04a4aa515742fccb3679d222c1302f5bb40c7eaddd6b5859d2d6ef79490243a4d

    • SSDEEP

      1536:s5Np2dgZgIehUUS3E1Ujmrvl179D53UWnGQRJZiXRmrCnKptnouy8K:s5Np2dlUX0+Cx17F8QRJZKmOK3outK

    Score

    7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      服务器软件.url

    • Size

      122B

    • MD5

      0e34045b283798bf75b1298823c0564e

    • SHA1

      ec8fceede59360fd171b90e62ee34f1fdab5a5f6

    • SHA256

      39f1bd81b14b7499162d49f9c55b11ca6eaecd43da7c16177fc3f70f10eb896f

    • SHA512

      1fc29e69f2155f07e07f4517d4c93c9bcdf353b41bd9f7b75d3c33bf9a2d2b091c4a1f17856335369e9d2dcce2971290876e5887bf5c7494cdd3b5b5be2c067e

    Score

    1/10

    • Target

      脚本之家.url

    • Size

      179B

    • MD5

      4cd77170219eef75a9b80093d2f07e36

    • SHA1

      5278826e134458ce821f007903442811730515f3

    • SHA256

      b83c06b9e79c55ddce8d2b5a9a389f875ffee2957df783bca7f5d9abb835be4b

    • SHA512

      e01a41f79eead75fad040824a4719567e83bc16ec5a46caae6c85ef7f54e6c33819bec008a53ee855414056572a1b2720ebe05a8ccfbb70e558b879362f2b4b4

    Score

    1/10

    • Target

      逆战逆鳞免费版X1.3.exe

    • Size

      2.4MB

    • MD5

      7b72048c6ca62e8cbc9c3769b528abe3

    • SHA1

      9c326d9451607465fab9f7a5543a3c25ed8cb782

    • SHA256

      ec8d045544fa33126b7e52f280aec96c10db83957d703473cc27a3b1faddb9e1

    • SHA512

      1b534e176a8f081bdbe494c02c69ad959b3b176f010edfaa1d39707cc8d63222cfa29588dcef93f7dedba804c12ecfe13ddcca1ca31a4ea24df4fa417d18fbff

    • SSDEEP

      49152:SrX0X7zAfHCU1bCHMqgk7Z8GdSK1n5pPz8ffMjy5gh:cykfiUegk7ZBd5pWfMjyS

    Score

    7/10

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks