Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

03a0258a92...18.exe

windows7-x64

7

03a0258a92...18.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03a0258a9278f97b91d579260448d441_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240620-g7rddstekb

  • MD5

    03a0258a9278f97b91d579260448d441

  • SHA1

    d212dcbd2cb15a0fbfee7f5f72a97da18e80f56e

  • SHA256

    0cd630cd90f23a11b1219d0a0ba525eb6d63b204b4b035edac6bd28647db14e4

  • SHA512

    44ca961f6decfd81776b601e104dea886b6eb22803b0d7b913802f1709da4b97c700749ea9a241bd70d6fa63b534894eddb1a897ec2a2e0a68e73507075a9319

  • SSDEEP

    24576:gL1LillQEbHh0FE5egqtijDg7qh689k+ZESOh8AqppyCQ7qnrfI9mbcTQu32kbXN:NlQEb2Mv0ijSZaXZESg8B0CQ+nM9sckS

Score
7/10
persistencethemida

Malware Config

Targets

    • Target

      03a0258a9278f97b91d579260448d441_JaffaCakes118

    • Size

      1.5MB

    • MD5

      03a0258a9278f97b91d579260448d441

    • SHA1

      d212dcbd2cb15a0fbfee7f5f72a97da18e80f56e

    • SHA256

      0cd630cd90f23a11b1219d0a0ba525eb6d63b204b4b035edac6bd28647db14e4

    • SHA512

      44ca961f6decfd81776b601e104dea886b6eb22803b0d7b913802f1709da4b97c700749ea9a241bd70d6fa63b534894eddb1a897ec2a2e0a68e73507075a9319

    • SSDEEP

      24576:gL1LillQEbHh0FE5egqtijDg7qh689k+ZESOh8AqppyCQ7qnrfI9mbcTQu32kbXN:NlQEb2Mv0ijSZaXZESg8B0CQ+nM9sckS

    Score
    7/10
    persistencethemida

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks