Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

84b6b092c4...18.exe

windows7-x64

7

84b6b092c4...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84b6b092c421fc3e7af7ff7686ef1d1a_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240810-eg4jxsyeke

  • MD5

    84b6b092c421fc3e7af7ff7686ef1d1a

  • SHA1

    061c9aec64e8160f37ecc9ab2c8b0657d2bdc852

  • SHA256

    95783fb6d63c5406c595043dfcc7d0e5486f6592cec477e5027c89d39d78faa5

  • SHA512

    186792db2ce20f1bdc4dea9ab3a85bfd4cbc65ad43a2f912f7480ba8406e198472db14ccd0b89ed03b7f6372555c32e4389d083ec8b3a306ad9dda5abf8f4ba0

  • SSDEEP

    49152:f65qcFq69RAQ0eZC2m8QDynj9LRS3mqm0/wtFLrUIUxoycH67EoYWze/NFiJenpK:iIUHcyCT8QDyRfqr/wtFLrUPuhH6w4zd

Score
7/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      84b6b092c421fc3e7af7ff7686ef1d1a_JaffaCakes118

    • Size

      3.0MB

    • MD5

      84b6b092c421fc3e7af7ff7686ef1d1a

    • SHA1

      061c9aec64e8160f37ecc9ab2c8b0657d2bdc852

    • SHA256

      95783fb6d63c5406c595043dfcc7d0e5486f6592cec477e5027c89d39d78faa5

    • SHA512

      186792db2ce20f1bdc4dea9ab3a85bfd4cbc65ad43a2f912f7480ba8406e198472db14ccd0b89ed03b7f6372555c32e4389d083ec8b3a306ad9dda5abf8f4ba0

    • SSDEEP

      49152:f65qcFq69RAQ0eZC2m8QDynj9LRS3mqm0/wtFLrUIUxoycH67EoYWze/NFiJenpK:iIUHcyCT8QDyRfqr/wtFLrUPuhH6w4zd

    Score
    7/10
    discoveryevasionpersistence

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks