General

  • Target: 8dc220d9b4d2c1871627d5dbf34f1c6b_JaffaCakes118
  • Size: 791KB
  • Sample: 240812-hrpejazekp
  • MD5: 8dc220d9b4d2c1871627d5dbf34f1c6b
  • SHA1: ae75716ceaf50e60daa3faa335dee4b4bb80f428
  • SHA256: 53487547af750c9b525fbfe67cefd8a6c9bbcf333feaead12bce06ac795acd38
  • SHA512: ed837fc74f44b56a532e096775bb2bfa86c7aeaf1ea43789c39f94f0b118f0fd7f570fa4f77d4d6119782ad091e870e5418a8e1acb3097b8cf3985023a74a1ac
  • SSDEEP: 24576:3RpNJjMUxuU0QloDzxgeF732uORLqwZ6M71SFuZh:3RpNp5xeQ6xgcLo9YM71Mu

Score
9/10

Malware Config

Targets

    • Target: 8dc220d9b4d2c1871627d5dbf34f1c6b_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks