Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

00a7c760ad...18.exe

windows7-x64

7

00a7c760ad...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00a7c760ad59c74a9f39c5ba09bf99b5_JaffaCakes118

  • Size

    824KB

  • Sample

    240619-1j37tsshjg

  • MD5

    00a7c760ad59c74a9f39c5ba09bf99b5

  • SHA1

    39ad1b32d9d8a6ae87ade2efcbbfff55c24194ab

  • SHA256

    d42684ad6b7c241777f2535ddc35b684f10b8dc53132711c3c5ce336c6a586c1

  • SHA512

    308bfd52562ddf9073efea700ae6cd7223c85a2e9ffd6f7da84b4488b1e96554e94878dc605782187e0b4845c22834cc3876bed264d41eeadcc3ffcd693f6d46

  • SSDEEP

    24576:rsxdD3o3qDa6Hg3oCeffVg0ucrC0MysKD1OsK:rsP3olLeff4wOs

Score
7/10
persistencevmprotect

Malware Config

Targets

    • Target

      00a7c760ad59c74a9f39c5ba09bf99b5_JaffaCakes118

    • Size

      824KB

    • MD5

      00a7c760ad59c74a9f39c5ba09bf99b5

    • SHA1

      39ad1b32d9d8a6ae87ade2efcbbfff55c24194ab

    • SHA256

      d42684ad6b7c241777f2535ddc35b684f10b8dc53132711c3c5ce336c6a586c1

    • SHA512

      308bfd52562ddf9073efea700ae6cd7223c85a2e9ffd6f7da84b4488b1e96554e94878dc605782187e0b4845c22834cc3876bed264d41eeadcc3ffcd693f6d46

    • SSDEEP

      24576:rsxdD3o3qDa6Hg3oCeffVg0ucrC0MysKD1OsK:rsP3olLeff4wOs

    Score
    7/10
    persistencevmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Adds Run key to start application

      persistence

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks