Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

66ed109b34...18.exe

windows7-x64

9

66ed109b34...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66ed109b34c0cb23b2c4eb36cd0b7161_JaffaCakes118

  • Size

    327KB

  • Sample

    240723-kx8rgaxfmb

  • MD5

    66ed109b34c0cb23b2c4eb36cd0b7161

  • SHA1

    427aa9f8da4e7c406366bbee48f0b8cd84a532b6

  • SHA256

    fda395d06f8185bbca10e3de802ae2e0ce776388ef92a461c93e4d13e2b1a618

  • SHA512

    d60c8b2da5d3542f303d788362bba4e3a7513f0c938cb11fbb32be9793cd2836cf06c2960e76caeb07f8464f791ceae30814e0eaece1231992c767dc0ac04724

  • SSDEEP

    6144:UySmuzOzapy5X73Cg3LFpNMz4g6BMvIjjVUjfYJRN1y9q:0iak5X7J3g6BMvIjjVUMJRNb

Score
9/10
collection

Malware Config

Targets

    • Target

      66ed109b34c0cb23b2c4eb36cd0b7161_JaffaCakes118

    • Size

      327KB

    • MD5

      66ed109b34c0cb23b2c4eb36cd0b7161

    • SHA1

      427aa9f8da4e7c406366bbee48f0b8cd84a532b6

    • SHA256

      fda395d06f8185bbca10e3de802ae2e0ce776388ef92a461c93e4d13e2b1a618

    • SHA512

      d60c8b2da5d3542f303d788362bba4e3a7513f0c938cb11fbb32be9793cd2836cf06c2960e76caeb07f8464f791ceae30814e0eaece1231992c767dc0ac04724

    • SSDEEP

      6144:UySmuzOzapy5X73Cg3LFpNMz4g6BMvIjjVUjfYJRN1y9q:0iak5X7J3g6BMvIjjVUMJRNb

    Score
    9/10
    collection

    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Executes dropped EXE

    • Loads dropped DLL

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks