Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

33c4081dd3...18.exe

windows7-x64

10

33c4081dd3...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    33c4081dd39045aa4b657efea4bd4e57_JaffaCakes118

  • Size

    64KB

  • Sample

    240710-h51dysterq

  • MD5

    33c4081dd39045aa4b657efea4bd4e57

  • SHA1

    8944335ecc2923d03135b33c852b3f5db8ccad38

  • SHA256

    c78479b5562b1896ece0a0f15c73a440725a7b8152a2caa25af822b2b1d845dc

  • SHA512

    5190af261c795880d71e753f22a703e5f121d7776f5eb5a0fc9fe1611fcca3b39265b1346e346f50f0c88e5cc3e1e1f6743ec84cd8d7cf0e7f33d1334d8ddf8a

  • SSDEEP

    768:DOwbjZgUymk2CFmm4eXDTlyfXHZzSTvF5a1rZgUymk2H1hcNpKIP11pC8aI/yLuN:pjZlIrXuMFs1rZlHzcNpK6BC8ZWuN

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      33c4081dd39045aa4b657efea4bd4e57_JaffaCakes118

    • Size

      64KB

    • MD5

      33c4081dd39045aa4b657efea4bd4e57

    • SHA1

      8944335ecc2923d03135b33c852b3f5db8ccad38

    • SHA256

      c78479b5562b1896ece0a0f15c73a440725a7b8152a2caa25af822b2b1d845dc

    • SHA512

      5190af261c795880d71e753f22a703e5f121d7776f5eb5a0fc9fe1611fcca3b39265b1346e346f50f0c88e5cc3e1e1f6743ec84cd8d7cf0e7f33d1334d8ddf8a

    • SSDEEP

      768:DOwbjZgUymk2CFmm4eXDTlyfXHZzSTvF5a1rZgUymk2H1hcNpKIP11pC8aI/yLuN:pjZlIrXuMFs1rZlHzcNpK6BC8ZWuN

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks