Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

a8193f69e1...18.dll

windows7-x64

10

a8193f69e1...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a8193f69e17072567a33c705736ca2eb_JaffaCakes118

  • Size

    193KB

  • Sample

    240818-y8ymjawaqq

  • MD5

    a8193f69e17072567a33c705736ca2eb

  • SHA1

    3806fc878762741ca4fe0546d08f70b4362fb8b2

  • SHA256

    04d637e4a927cce304e84a3c9be5fd5fd358d8e6860f9e9ee023d227a152e9c9

  • SHA512

    d4e0e437d993d4155b8631dfd71fe42a746c7c7bc5855a05ee2d822de052818fb343bb729ef16168a16917edc7b0fc50e58ec5e3787df97512212fe0f29185ae

  • SSDEEP

    3072:M73MITL/9oSmkbx3ZtffjBTnIwanLMMgVr9kYaQBqaFM2oVhyAn1+T:adTpountf75IwkJgVrwwM2uf1U

Score
10/10
ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

Malware Config

Targets

    • Target

      a8193f69e17072567a33c705736ca2eb_JaffaCakes118

    • Size

      193KB

    • MD5

      a8193f69e17072567a33c705736ca2eb

    • SHA1

      3806fc878762741ca4fe0546d08f70b4362fb8b2

    • SHA256

      04d637e4a927cce304e84a3c9be5fd5fd358d8e6860f9e9ee023d227a152e9c9

    • SHA512

      d4e0e437d993d4155b8631dfd71fe42a746c7c7bc5855a05ee2d822de052818fb343bb729ef16168a16917edc7b0fc50e58ec5e3787df97512212fe0f29185ae

    • SSDEEP

      3072:M73MITL/9oSmkbx3ZtffjBTnIwanLMMgVr9kYaQBqaFM2oVhyAn1+T:adTpountf75IwkJgVrwwM2uf1U

    Score
    10/10
    ramnitbankerdiscoverypersistencespywarestealertrojanupxworm

    • Modifies WinLogon for persistence

      persistence

    • Ramnit

      Ramnit is a versatile family that holds viruses, worms, and Trojans.

      trojanspywarestealerwormbankerramnit

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks