General

  • Target

    29a2e79407ce167058c8f594942bcd45_JaffaCakes118

  • Size

    127KB

  • Sample

    240707-bla7dssajf

  • MD5

    29a2e79407ce167058c8f594942bcd45

  • SHA1

    67c7cfe5ca131eb196da1216f719acdc769d8611

  • SHA256

    756b67abc8b7aa9703757b8c64abbb2e60f32020016a48ade071c8c5ea6dc5f6

  • SHA512

    c123eb995468d0470a14c2c2b841ed7c595209f2d66abeab64d9c746cdadada13e234927b2e8aa2087b366bf0e6b5c802dfa640aa31f110219831dd57003d10e

  • SSDEEP

    768:J9xjAZ5T6H3deXsDGnfyHE5AE+cCltnPSBcsIaDToe/wL+x50dnIO9FJwIbBZH/K:vxjAZ0VOqYolU0dn7JwIlZ5mvLa

Score
10/10

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext