General

  • Target

    17c28486e68d77561ad0c9fdb38c32af_JaffaCakes118

  • Size

    66KB

  • Sample

    240627-2dlahavbnc

  • MD5

    17c28486e68d77561ad0c9fdb38c32af

  • SHA1

    c27b625cf42272507f06bd7f81264a2f213701a6

  • SHA256

    9a5fb1e780cd2e99abfe2146fceb7bba9a973e4c3ed20d74ae11dd128cd12a74

  • SHA512

    a9a8c957039393ab944e4420246311e7bc82f0383d8fed9cf6e04a69ae07a3eee65e3388122c02cd4934b64ab5174902ef4aaa5dab92212d73c3f8da1fb9d254

  • SSDEEP

    1536:6eD44YF3StnpVeQY0NWtI+pwPb2rQwa29mDTz/8w:61F3SxpZY1I+pJ7aimF

Targets

    • Target

      17c28486e68d77561ad0c9fdb38c32af_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
