General

  • Target

    94d2e73c0478b2e67694054bc235a5f2_JaffaCakes118

  • Size

    120KB

  • Sample

    240813-1empaaxcqb

  • MD5

    94d2e73c0478b2e67694054bc235a5f2

  • SHA1

    725c1a3cde4cb14e7c191fa439dad9d47ac1fec4

  • SHA256

    bfcc612286785bf56b53e6a8ef14adac5f292bf5d5b6050b0562f6a258a8e0d1

  • SHA512

    6097c625173186253c7a40317fe0a2decf175fd30fde208d08f35c18402fdcadf4e7d8052d269b881d10e231e2fbd7748e04961e285c4bd779ec1cf1ef078da6

  • SSDEEP

    3072:79Kx0jYvdDia35XKTsy1myo5AtBKAqvQWlFA/fUGZc:rmNx38Xho5+KAqvRw0

Targets

    • Target

      94d2e73c0478b2e67694054bc235a5f2_JaffaCakes118

    • Server Software Component: Terminal Services DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
