General

  • Target

    b76317bdbd12e57ba8a4dfea7228f210_JaffaCakes118

  • Size

    348KB

  • Sample

    240822-m46a2atbpd

  • MD5

    b76317bdbd12e57ba8a4dfea7228f210

  • SHA1

    fa35ac56dc88227270c29c0c6277f010516c5d0c

  • SHA256

    4e2b630b85c55a5731e31e38b540539acadabf38210a643116849383ea2e2fab

  • SHA512

    ffa273559e500c82e5c8b2d0e02238d12b744a2057969437f10d26fe18f9bbbc141c075263b54165a9b970c42323db8a69fbbe6d0a9546b664b766d308759f63

  • SSDEEP

    6144:wMuR9dHqs2LiZuhYnNfjO+/h9HqR0mJwTWSeULSave2:kR9dHqs0ivnv3HlmSTbeU7

Targets

    • Target

      b76317bdbd12e57ba8a4dfea7228f210_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Suspicious use of SetThreadContext
