General

  • Target

    cf592057377cb88d0bc95a377b8fd9a9_JaffaCakes118

  • Size

    690KB

  • Sample

    240906-mmcmds1fjp

  • MD5

    cf592057377cb88d0bc95a377b8fd9a9

  • SHA1

    5d34b78e1d917eab35ecba32788bebea4da7388b

  • SHA256

    9505ea27895537dcb6c2488b2eee6c0b68b35747eb5b362ca6c4888fb9b115dd

  • SHA512

    95a0e9eb7be4d85214ecb5db4bf04d8b573348c0d73ae89cd48943e74f3cb79f812c2448e4372fb5fcc76a8700d77d7b9aa1bc8c2b437cd28615faca5a0a07dd

  • SSDEEP

    12288:y3JKjAhROhOtGsgyZXVSfbJXE+nc6cf8zL4XpYyDvQo2bNvL:y3KAhRygZXkyf8Ysbh

Targets

    • Target

      cf592057377cb88d0bc95a377b8fd9a9_JaffaCakes118

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
