General

  • Target

    0881d29c9d6715b21699cb530e64de66_JaffaCakes118

  • Size

    785KB

  • Sample

    240624-pnl9bsvhrr

  • MD5

    0881d29c9d6715b21699cb530e64de66

  • SHA1

    9e82f1490e9667ce8b85e0d85d3bae4b45985efc

  • SHA256

    31d98ddf543783b9a789d204931d4c7fa516779cff6e7429a9ede27f198ae139

  • SHA512

    27d76a1babf909e0b35b36e2134c933b85bcf314bd174a4412c00d126e04d85af292d7801fd3f5346305c6d555d1adb1bb7cd97d162e75417b530828fdb9746a

  • SSDEEP

    12288:WdGXmL8wb+vQzKklj0WmOmRDHg0mG/vxHvnZtGNNvpaBnREAvAQqbV9N6ydT:WdG2L8zuKYZmjd3PHyNvnQO

Score
9/10

Targets

    • Target

      0881d29c9d6715b21699cb530e64de66_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
