Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
95c77ea0b777d9e2b82136ec0d24151d_JaffaCakes118
-
Size
163KB
-
Sample
240814-mv9bbsxgrc
-
MD5
95c77ea0b777d9e2b82136ec0d24151d
-
SHA1
92486be9ee3505c38330ebcb48ad9af6a6a3e703
-
SHA256
fad076e6251a6cfac705b8ebb773fa9a975e950d02a463cc1aaf64563ec3af9e
-
SHA512
36d73b54cd5cf6767142c158cdaf7c1bc2fcaa929227cdba2b9b91dbcd52297923e5a96b7db8f56cb58cbfbe6c8b7e061e3053aa692ba4560a96ee447c19fa45
-
SSDEEP
3072:O244R/lE7liD1P8sFdXoh1U7Nm9fW1bwjAO7T4NehXn6vn+m5Av+3ywTZ7oWMy43:O2R/lE7aUsDoh+pk3jAO7QehXn6/+maD
Malware Config
Targets
-
-
Target
95c77ea0b777d9e2b82136ec0d24151d_JaffaCakes118
-
Size
163KB
-
MD5
95c77ea0b777d9e2b82136ec0d24151d
-
SHA1
92486be9ee3505c38330ebcb48ad9af6a6a3e703
-
SHA256
fad076e6251a6cfac705b8ebb773fa9a975e950d02a463cc1aaf64563ec3af9e
-
SHA512
36d73b54cd5cf6767142c158cdaf7c1bc2fcaa929227cdba2b9b91dbcd52297923e5a96b7db8f56cb58cbfbe6c8b7e061e3053aa692ba4560a96ee447c19fa45
-
SSDEEP
3072:O244R/lE7liD1P8sFdXoh1U7Nm9fW1bwjAO7T4NehXn6vn+m5Av+3ywTZ7oWMy43:O2R/lE7aUsDoh+pk3jAO7QehXn6/+maD
Score10/10-
Modifies WinLogon for persistence
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-