Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    17e2de852e303134bfae71f5c0373f6b_JaffaCakes118

  • Size

    4.5MB

  • Sample

    240627-25wwbaxckf

  • MD5

    17e2de852e303134bfae71f5c0373f6b

  • SHA1

    abd175609d7444e8a12dc9a25fe7523ed25bc868

  • SHA256

    fc46199993b65c1ae8a2d13aafaf030e1f44c60e393efcb53acb8fc52f90e6f4

  • SHA512

    ed255ac253379e768ad82774db8eced29b76331f6df48998dccda3cd25c6fd7dbaeb341c7986781f2081f0a2f23244e6fda90b8db7de563caea200cd07592b7d

  • SSDEEP

    98304:GQ7Aj4SwcavjUJGYsBKfBTTdOtEDP/Q13uYGvfSdabD6mfFvf5:fOcLUJJsYfBTAtiP/Q13TGidE6mfFvB

Score
7/10
upx

Malware Config

Targets

    • Target

      155绿色软件站.url

    • Size

      219B

    • MD5

      3a1f2a8a3ef08ae269517a69ea918b2c

    • SHA1

      7d2e6719702bc8472e045e010efa6ed3f7df4b5b

    • SHA256

      66eafefa8bb0155e60828476bde6068573fe64a4fd0aa052eba074dbe85d46cd

    • SHA512

      22203a78192cadc02d0f887247675925273a69e3be82ec1a331197f892216a282cc8f37c3ffbfb578a708244181037277b8cc6a40d8ec70cdf0feac5d80f8576

    Score
    1/10
    • Target

      Ghost安装器.exe

    • Size

      4.5MB

    • MD5

      ac33168a21c93cae0af18edcc477baa0

    • SHA1

      5ba450393e08eaa748a9b03e7bd191106b48a30e

    • SHA256

      020c3fd01f2802b258becf7411c5d76b405d685d5ec26c1fa7e03d22a052d23b

    • SHA512

      a5c632103b2b455ae949406a9b4edca40eb72aa9d06bc59f8d290d837b76768422467647cad78619492e856fc871746bf8c07bcdc9e0ccfc1701e273d1aad026

    • SSDEEP

      98304:XSxZuGZQ2rFDZGagdFKrV+9d7QAbzEK77BJ:ie2rFDQbp9lxzj7VJ

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks