General

  • Target

    3a477a4cac97056f9f2ed1e517f25f00_JaffaCakes118

  • Size

    340KB

  • Sample

    240512-qfs8cabb72

  • MD5

    3a477a4cac97056f9f2ed1e517f25f00

  • SHA1

    cb39d60a830288818213ae550cde14d070b9a0d5

  • SHA256

    f9fe3dafa329a6dee118fa58c8f4b5e09f6a1ddc872159762a338a144b9857e8

  • SHA512

    d40d84842540fedb0febcce293798b918e8fb6b4075f74271f47389e03f47597ea6c123797d87b33035ad7496bdae0ac06d758f0f62a257095f2186198bb7c8c

  • SSDEEP

    6144:SZ6LzOTyFmrGlVZ4jILEKb+4Ve3QPqfSYYKDP1oEWSw+ZmVKp8x6kg7kxZvi1Se:M6LzOmFmrGrZcILEe+4VbPqwqPKGw+Zx

Score
7/10
upx

Targets

    • Target

      sample

    • Size

      445KB

    • MD5

      25e87c4070d459f5259b60dbe6c985bb

    • SHA1

      ae2d0882d9630798c061cc2a54ed8a913d289fce

    • SHA256

      c580a88c58ac898f5090dab9be5249fdfb2e1b4dfaaf4646224edab76be63fea

    • SHA512

      06fb28d697ddb01a7e7d29e330fd74d9c48261cea9ad7771e17497b2639871c8c1b40a11cad22c901e8674caf75630158dc34f191191115699f37ee7f3e5825e

    • SSDEEP

      6144:iw+R+VrYjQf/KOgzTrMzWdKT1f/5dWDquH2sJgHvKr8e0lYx6kgIHsL:cEVrZf/ATwzbS2mgPlyzdHu

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
