General

  • Target

    8074961066ba93b4749da06106e68147_JaffaCakes118

  • Size

    3.8MB

  • Sample

    240529-mpt98abg6s

  • MD5

    8074961066ba93b4749da06106e68147

  • SHA1

    e380697cfd9ea87de323c213f552a0d248d9573e

  • SHA256

    1a499f8e634c9af3091e824b80098544f50353ee7f90634c40460150c8408207

  • SHA512

    010ad2ffe51371488a16f1a8f7883f3275b56a601e0ee44727ca058ccfedc0e4268e6750cdf32cfb95c4b7558d829d41f39b06c361edaf9e115767b44375a630

  • SSDEEP

    98304:uZuarCtWyX0p+tUFHtrXCDHGkSn8b+vPd8:uZHrzyG+2aDHGkS8C2

Score
7/10

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
