General

  • Target

    8109fe22b584248c396f6a2cea3baf50_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240529-rpk4rsaa39

  • MD5

    8109fe22b584248c396f6a2cea3baf50

  • SHA1

    13b1e2af45b7be21cee79b58a03a0c4399995178

  • SHA256

    450d7f97f23c00301ac334c05f296fe304b4bdb02cd72e4a98391e691c7b35f6

  • SHA512

    5e9a1dcd94a228ef779f8748313e142967c678cea611246a5cf8a849fe9f2b33370fafbea7dd954f3875045848836286c6926c2c10c0c54f35286e3f4d556b53

  • SSDEEP

    24576:k00XOSvEJd8eEDPq6tP/1w9D8AB+Pcx4+ElgICVOpGForZx1D:k0ov4d8eEDPnJ1sYAB+Pcxmgo1xh

Score
9/10

Malware Config

Targets

    • Target

      9gpan.exe

    • Size

      1.6MB

    • MD5

      4ab1764f657d113a8a5ce4ba1374f5cf

    • SHA1

      8d087e7f19787daee69ec69347f77895a2079284

    • SHA256

      5d838f8cb19dfc41737fee7718f4638da40c044c5f03fa4791e45cff6b707543

    • SHA512

      1b13296934dcc6a32daa4bb86fb78499545c7b4e9082eaf06783308e69d77ceb4e7a19b738823a63ee7f317a916cb38dabe94ea91f9391fa15669073781736a0

    • SSDEEP

      49152:hrQXuHTEgedDme7cG2NgiL2c9SAWK39P0KXZcN:hmuznq7cZNVL2cgQL

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target

      多多软件站-提供绿色软件和热门单机游戏下载.url

    • Size

      149B

    • MD5

      829f4620e7cfc918a5e9aa64dc7b1516

    • SHA1

      448a5078d6abeb5b7cec64bebd2cb52f1a775bf3

    • SHA256

      be35c1f6807f0b264074ece00a59435b44f06fed9695a522db2b47a0feade51d

    • SHA512

      ff11639ad24c4eaf27217a1c07acd51900b988c2f4cd230cde0ceae342f1179eb3c2d88bd58fb31e86c0c9db463f5b60390769b0de2b7f24678c1be8ecd6b0f5

    Score
    1/10

    • Target

      软件说明.url

    • Size

      167B

    • MD5

      838c9300db2b7abbe4d2ec720a176a56

    • SHA1

      bc2e2130203cdd2381dfc3280dffa9dc7d896cb6

    • SHA256

      acd834fa70bb31d58dc9ca1e3a653840ab2e82bd53c14708b9429699f16dfc58

    • SHA512

      979d0efd4b516437998b62d3e011d01b18ba44b6a15e047dcb6d535f0d9cbaf57dbd37760577fcec399593d61d4c548121625892e0f8ca81ceb887989248f9e5

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks