General

  • Target

    5a8968b14bc1e9c21add9021c89a2e2f_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240719-fhkzmstcmj

  • MD5

    5a8968b14bc1e9c21add9021c89a2e2f

  • SHA1

    49a84fab07f42639255ed6effdba70cc1e44aff1

  • SHA256

    53e3a6c30a9afc46e68af8c105f43e199e139c422abb0e2bf0f51a6fb4c8ef48

  • SHA512

    15f6d18cd2d240e376690a4a3dff637a22d0a5026caa2662c8a59373d7475a2bef8b4380f4d740ac0cc6eb90c0f11bb8703364fd282e8ae8b67fe9e3aaf6d728

  • SSDEEP

    24576:fpN7TsakOkW14dL7CVDCDjtCuriUsYRbgaUyURZaAxvMGq3bvt/LfA:Hoaq44dL7C5mNRDMxvM3bl/E

Targets

    • Target

      5a8968b14bc1e9c21add9021c89a2e2f_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Drops file in Drivers directory

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Program crash

    • Suspicious use of SetThreadContext
