Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
66136fee669b198cbf321537771fad45_JaffaCakes118
-
Size
804KB
-
Sample
240723-epvxrawgrc
-
MD5
66136fee669b198cbf321537771fad45
-
SHA1
974e3af75b08f3427ec00efa8e29dbd8f22b9d3c
-
SHA256
763c2809a0260db3b2cc6a215a3676edc7cf870c89a2eecc77d2375215dbb774
-
SHA512
174eb5488498d249adbf863f6d50d04e744c251dadeafea0268c572ea89d7136bd4f30b3634e0e9327aaa6ddef70e8d074d2094c460575685424b9ddab8ec2b8
-
SSDEEP
24576:REWlk0BnSW9W4Dh9xVExfsPx3NlkrGV44liq:2Wlk0BnSWXh9isblV47
Behavioral task
behavioral1
Sample
66136fee669b198cbf321537771fad45_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
66136fee669b198cbf321537771fad45_JaffaCakes118
-
Size
804KB
-
MD5
66136fee669b198cbf321537771fad45
-
SHA1
974e3af75b08f3427ec00efa8e29dbd8f22b9d3c
-
SHA256
763c2809a0260db3b2cc6a215a3676edc7cf870c89a2eecc77d2375215dbb774
-
SHA512
174eb5488498d249adbf863f6d50d04e744c251dadeafea0268c572ea89d7136bd4f30b3634e0e9327aaa6ddef70e8d074d2094c460575685424b9ddab8ec2b8
-
SSDEEP
24576:REWlk0BnSW9W4Dh9xVExfsPx3NlkrGV44liq:2Wlk0BnSWXh9isblV47
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-