Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

8ee5151279...18.exe

windows7-x64

8

8ee5151279...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ee5151279f21a802c7c4a35c438559e_JaffaCakes118

  • Size

    264KB

  • Sample

    240812-qn7qpssgqp

  • MD5

    8ee5151279f21a802c7c4a35c438559e

  • SHA1

    968c2a3637bab54cb8eaf3e5552e42f612ef5786

  • SHA256

    c4539628a4b771a1b1276de073b43d9ebf669154c7c89fdb5cc63ec6e3230047

  • SHA512

    35688680ec958269b9e764fbec21115b1533d3a99b2fc56f61da4cd132d9e5b63db9c121444d5b79e35b6973980e5809a49e451b73e18f2f2467668af25f91a0

  • SSDEEP

    6144:3/nyiyjGgZdQL4MF7w8iigvookK2vhlwfk:vyzl24MRTgb2c8

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      8ee5151279f21a802c7c4a35c438559e_JaffaCakes118

    • Size

      264KB

    • MD5

      8ee5151279f21a802c7c4a35c438559e

    • SHA1

      968c2a3637bab54cb8eaf3e5552e42f612ef5786

    • SHA256

      c4539628a4b771a1b1276de073b43d9ebf669154c7c89fdb5cc63ec6e3230047

    • SHA512

      35688680ec958269b9e764fbec21115b1533d3a99b2fc56f61da4cd132d9e5b63db9c121444d5b79e35b6973980e5809a49e451b73e18f2f2467668af25f91a0

    • SSDEEP

      6144:3/nyiyjGgZdQL4MF7w8iigvookK2vhlwfk:vyzl24MRTgb2c8

    Score
    8/10
    discoverypersistence

    • Adds policy Run key to start application

      persistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks