General

  • Target

    41de873fc32e644ca9d5b7fbfd0e9fd3_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240514-r3297sbc9s

  • MD5

    41de873fc32e644ca9d5b7fbfd0e9fd3

  • SHA1

    73aa931e8c6f7437cb3e7234a5860aef201ce957

  • SHA256

    156b938650396ca58781396ab4c9f98f01188d61a9aeeeb8d7cfc5119960e4cd

  • SHA512

    7d544d2bc2d6cb69c836fe74766054b9a104c77cdfb20ad4ba14001ac01f65ab11755371d9f48f80066b9013f4afe996122cb9ec9d841e6ea69356facffa9d82

  • SSDEEP

    24576:iGwsWy/7Cab83RI3i0Iw+76n9cmnYiMSCMKrUDy:iOnDKI3iXwSw9Bn4Sqiy

  • Score

    9/10

Targets

    • Target

      41de873fc32e644ca9d5b7fbfd0e9fd3_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
