Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

94d2e73c04...18.dll

windows7-x64

8

94d2e73c04...18.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    94d2e73c0478b2e67694054bc235a5f2_JaffaCakes118

  • Size

    120KB

  • Sample

    240813-1empaaxcqb

  • MD5

    94d2e73c0478b2e67694054bc235a5f2

  • SHA1

    725c1a3cde4cb14e7c191fa439dad9d47ac1fec4

  • SHA256

    bfcc612286785bf56b53e6a8ef14adac5f292bf5d5b6050b0562f6a258a8e0d1

  • SHA512

    6097c625173186253c7a40317fe0a2decf175fd30fde208d08f35c18402fdcadf4e7d8052d269b881d10e231e2fbd7748e04961e285c4bd779ec1cf1ef078da6

  • SSDEEP

    3072:79Kx0jYvdDia35XKTsy1myo5AtBKAqvQWlFA/fUGZc:rmNx38Xho5+KAqvRw0

Score
8/10
discoverypersistencevmprotect

Malware Config

Targets

    • Target

      94d2e73c0478b2e67694054bc235a5f2_JaffaCakes118

    • Size

      120KB

    • MD5

      94d2e73c0478b2e67694054bc235a5f2

    • SHA1

      725c1a3cde4cb14e7c191fa439dad9d47ac1fec4

    • SHA256

      bfcc612286785bf56b53e6a8ef14adac5f292bf5d5b6050b0562f6a258a8e0d1

    • SHA512

      6097c625173186253c7a40317fe0a2decf175fd30fde208d08f35c18402fdcadf4e7d8052d269b881d10e231e2fbd7748e04961e285c4bd779ec1cf1ef078da6

    • SSDEEP

      3072:79Kx0jYvdDia35XKTsy1myo5AtBKAqvQWlFA/fUGZc:rmNx38Xho5+KAqvRw0

    Score
    8/10
    discoverypersistencevmprotect

    • Server Software Component: Terminal Services DLL

      persistence

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks