General

  • Target

    5e92e3c43243a924236e369d12adc5eb_JaffaCakes118

  • Size

    803KB

  • Sample

    240720-b9dbna1dlm

  • MD5

    5e92e3c43243a924236e369d12adc5eb

  • SHA1

    cfa810ec7b4f022f94d30e2e9e2f5c9bd3ce9d71

  • SHA256

    5992c641c7cdd9dd43ccea4f29bde2181abce642006e3e1fbab03e748ed1d192

  • SHA512

    d4f19337d16eca07a01f915f46f02ab5eec56813b48e95e7323493b7f8e8a1aa6f07e46549d8e2ef521a55177b9f6a1c00c9a814dd28885006b16162ea911943

  • SSDEEP

    24576:ENTjluBFL47h+leHR1xNz7c56UQWIq98WtJegm0:ENTjYz/lWRj2R9DtJes

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
