General

  • Target

    c1a5c08e27d93713802cb00235447a17_JaffaCakes118

  • Size

    812KB

  • Sample

    240825-1kjvksybmn

  • MD5

    c1a5c08e27d93713802cb00235447a17

  • SHA1

    fd070786781da66f67b8eece92eecbfbcd04fcf3

  • SHA256

    92600d35bf740272d948d67cf595ac7fdc1da5fcd4b80cc39f64871c57fb2488

  • SHA512

    35555685d0290dd10d4881443f6216314465a20798761e644cb66e5cffb69dbb91030ebc54093ab8aeb10e96a8ea12381734c5f4825ebc37cc82e38a538e9c0d

  • SSDEEP

    12288:6QoutGe7ZVVT7ZD3wUdm7dv88vUcYgTJwri42gmm4QB3wCbt+qQ1wqK3Xd8:6FutG2VT9T7m5v88vUWGrgmOCbtREY

Score
7/10

Targets

    • Target

      c1a5c08e27d93713802cb00235447a17_JaffaCakes118

    Score
    7/10
    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
