General

  • Target

    89439bf9f380261ac54f57787addef28_JaffaCakes118

  • Size

    643KB

  • Sample

    240811-gqggvsxfpq

  • MD5

    89439bf9f380261ac54f57787addef28

  • SHA1

    1b2622adeedc7fa438cc84c43d895cb930dbc34a

  • SHA256

    ef631389eb569c539e1ac61d88088d7ea3a633a603f9183db78ff70991aa775b

  • SHA512

    5ba08c2dfa1aa5a86a3919d8baaed4d28fa3ebbb9924339a038c1cca4e50339d2532a9004fb79ebaaf8be8642b847032f895b2fc8fc7a6b9118d158f88ee11b3

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjeqEC:r5sJo6YrFUiyAak11LtjeqEC

Targets

    • Target

      89439bf9f380261ac54f57787addef28_JaffaCakes118

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger
