Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
30187df5048190715cbdb08137f81e23_JaffaCakes118
-
Size
3.3MB
-
Sample
240709-m2gjwssenc
-
MD5
30187df5048190715cbdb08137f81e23
-
SHA1
1933d1db4d48c481348a6d08b23ad314e7176156
-
SHA256
f178e94e09564ded2bc619b2a3a80ebd29be5b6e30fa446d16465505359e19fc
-
SHA512
1f2cf14de8833000159d11e16726b9a3fbc038283791c9408ec538d1e4a810b3b87189151166b97bd96e131f00074252c0cbb2a6927071b76c6bcaa9903b0644
-
SSDEEP
98304:EQm/xhU827iAIHKvXcxRcXUaRaGPO+yzQai:EQm8/3CUXcbqRaGm7zO
Malware Config
Targets
-
-
Target
30187df5048190715cbdb08137f81e23_JaffaCakes118
-
Size
3.3MB
-
MD5
30187df5048190715cbdb08137f81e23
-
SHA1
1933d1db4d48c481348a6d08b23ad314e7176156
-
SHA256
f178e94e09564ded2bc619b2a3a80ebd29be5b6e30fa446d16465505359e19fc
-
SHA512
1f2cf14de8833000159d11e16726b9a3fbc038283791c9408ec538d1e4a810b3b87189151166b97bd96e131f00074252c0cbb2a6927071b76c6bcaa9903b0644
-
SSDEEP
98304:EQm/xhU827iAIHKvXcxRcXUaRaGPO+yzQai:EQm8/3CUXcbqRaGm7zO
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-