Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

3796dccda5...18.exe

windows7-x64

10

3796dccda5...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3796dccda5d07130ae9dd41940fce54c_JaffaCakes118

  • Size

    134KB

  • Sample

    240711-ebznsaxdrm

  • MD5

    3796dccda5d07130ae9dd41940fce54c

  • SHA1

    2e35da547dda3c31f2062975935b3c09ab7f2a47

  • SHA256

    aed2c28ae943822820d8edf1c47cc4f92746da7ebad167021ee53a3b8791d5c6

  • SHA512

    625cb0d506e9bbe11ad1a72e3e6eba094451b7bc26e3957df706ae23ff7a4362726c6a528679bfb57415ee6c69b28a257d28934d2e8476c18b903141838839a0

  • SSDEEP

    1536:qQ7E4qUpcdWpYKNhPLfcshBFvzFcZ/kANE+:qCE4jmgYKHPLfVDJFc2A3

Score
10/10
evasionupx

Malware Config

Targets

    • Target

      3796dccda5d07130ae9dd41940fce54c_JaffaCakes118

    • Size

      134KB

    • MD5

      3796dccda5d07130ae9dd41940fce54c

    • SHA1

      2e35da547dda3c31f2062975935b3c09ab7f2a47

    • SHA256

      aed2c28ae943822820d8edf1c47cc4f92746da7ebad167021ee53a3b8791d5c6

    • SHA512

      625cb0d506e9bbe11ad1a72e3e6eba094451b7bc26e3957df706ae23ff7a4362726c6a528679bfb57415ee6c69b28a257d28934d2e8476c18b903141838839a0

    • SSDEEP

      1536:qQ7E4qUpcdWpYKNhPLfcshBFvzFcZ/kANE+:qCE4jmgYKHPLfVDJFc2A3

    Score
    10/10
    evasionupx

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops desktop.ini file(s)

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks