Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

ce3df08e0c...18.exe

windows7-x64

7

ce3df08e0c...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce3df08e0c42308d7da3870635fb9f01_JaffaCakes118

  • Size

    51KB

  • Sample

    240906-arsg7awhmf

  • MD5

    ce3df08e0c42308d7da3870635fb9f01

  • SHA1

    51b2be4919fc0d30a65c3d5ef5507ccfdd7cd5bd

  • SHA256

    b9ff582ac04bce1b2506b46c8ece1e5759417bbc90ea932b854591a0fc1e25b9

  • SHA512

    ecd7473dae456a6acf986b95c32165c8a04cf0859c80b56a5f40f59451e0a710e0af278654c671439e869a99410cfb104d83a69d0685671d5894128280507ce7

  • SSDEEP

    1536:lBTwZwHVFSBjBUDc12vjE2B/+VnlRQkdQxULRjMtw:lxwZZjSc12vjEUY7QkRRjN

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      ce3df08e0c42308d7da3870635fb9f01_JaffaCakes118

    • Size

      51KB

    • MD5

      ce3df08e0c42308d7da3870635fb9f01

    • SHA1

      51b2be4919fc0d30a65c3d5ef5507ccfdd7cd5bd

    • SHA256

      b9ff582ac04bce1b2506b46c8ece1e5759417bbc90ea932b854591a0fc1e25b9

    • SHA512

      ecd7473dae456a6acf986b95c32165c8a04cf0859c80b56a5f40f59451e0a710e0af278654c671439e869a99410cfb104d83a69d0685671d5894128280507ce7

    • SSDEEP

      1536:lBTwZwHVFSBjBUDc12vjE2B/+VnlRQkdQxULRjMtw:lxwZZjSc12vjEUY7QkRRjN

    Score
    8/10
    discoverypersistenceupx

    • Blocklisted process makes network request

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks