General

  • Target

    9f046aa9e46726891c302fd2db9a3190_JaffaCakes118

  • Size

    60KB

  • Sample

    240611-v9cvnsvera

  • MD5

    9f046aa9e46726891c302fd2db9a3190

  • SHA1

    b760b61ed7262d10664deb923944e6a4276df77d

  • SHA256

    adb7d7dc2e9f52d63b90bc7bd871a0c13c07ee8ce730d624f398b7acbc57054a

  • SHA512

    baf1a4a8b79a0289bb5cfee134e90ad7ee917b19be8be66ed333652442185ea8924969819b1b2be3dde166359d8a06ecaa6150fa4ac663853b28d62ee5a92d80

  • SSDEEP

    384:A3K7pE7vPFJUOIg9J+ZE+IBU7c7G1Mrn1qYNMgbnJF7hXKHeBNgw9KsWjDlNpje/:Ii67PFJagDQVxYnLtF90Gfmnpj+

Score
10/10

Malware Config

Extracted

Family

guloader

C2

http://wewewewewesesesesasbacwederffggffddsss.duckdns.org/jks/bbn.bin

Targets

    • Target

      9f046aa9e46726891c302fd2db9a3190_JaffaCakes118

    Score
    10/10
    • Guloader, Cloudeye

      A shellcode-based downloader first seen in 2020.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
