Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

48ed6cc822...18.exe

windows7-x64

8

48ed6cc822...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    48ed6cc822708e4f15f78d7c1a6214ec_JaffaCakes118

  • Size

    11KB

  • Sample

    240715-jz9k4szajg

  • MD5

    48ed6cc822708e4f15f78d7c1a6214ec

  • SHA1

    449a87c91749c11350b9f238e404f6065a6bb2d1

  • SHA256

    9d52355ef9b1777563fb08a45c581c655ce44bc199f6b9e82b7a74b6d5cdd73a

  • SHA512

    4af068d0e133f1e68f785802fca39b770110aa8239538e122132e0063a8cd867e1994901785292fb7c9c4c1288f769f032c899243653863bcfdc1d4131e0a79d

  • SSDEEP

    192:NE4JgPu/PlfaC8NahI7yFJQT0V6RfCyG/B9ShZVuIaMAUaUGo7/r1Bclg:NE4WPOfarNa3JK0V5whGIahUaUGof8g

Score
8/10
persistenceprivilege_escalationupx

Malware Config

Targets

    • Target

      48ed6cc822708e4f15f78d7c1a6214ec_JaffaCakes118

    • Size

      11KB

    • MD5

      48ed6cc822708e4f15f78d7c1a6214ec

    • SHA1

      449a87c91749c11350b9f238e404f6065a6bb2d1

    • SHA256

      9d52355ef9b1777563fb08a45c581c655ce44bc199f6b9e82b7a74b6d5cdd73a

    • SHA512

      4af068d0e133f1e68f785802fca39b770110aa8239538e122132e0063a8cd867e1994901785292fb7c9c4c1288f769f032c899243653863bcfdc1d4131e0a79d

    • SSDEEP

      192:NE4JgPu/PlfaC8NahI7yFJQT0V6RfCyG/B9ShZVuIaMAUaUGo7/r1Bclg:NE4WPOfarNa3JK0V5whGIahUaUGof8g

    Score
    8/10
    persistenceprivilege_escalationupx

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks