Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
eec2c1539eebe98ff2430443c84b502c_JaffaCakes118
-
Size
72KB
-
Sample
240921-a7wvjsxcnb
-
MD5
eec2c1539eebe98ff2430443c84b502c
-
SHA1
0321261ab00e21f04e6fce3b1d4bfe3922ed3cbd
-
SHA256
bfa21c905d4138da6271a80bf8bbe683a5803a5653555c116151e28c1539f79e
-
SHA512
e22d1d910337611b56230c4272ebf2b147d0e68b6943c3fe94fb328d966a152b27ec0ad0ff42fbf145e406d8d5de1e472e640d6f71d440707c86522e93871cab
-
SSDEEP
768:QsUuSrrHS7KljKrdFbCAX6e37Gy09BHqvgJtnvqfYfvhnEHqU09bS7KljKrdFbCK:QsKrr7ATfWHlvVEHp6ATbrr
Static task
static1
Behavioral task
behavioral1
Sample
eec2c1539eebe98ff2430443c84b502c_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
eec2c1539eebe98ff2430443c84b502c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=19zRmRWEbe_tvCeYLoFlJAOjP43TkIzc3
Targets
-
-
Target
eec2c1539eebe98ff2430443c84b502c_JaffaCakes118
-
Size
72KB
-
MD5
eec2c1539eebe98ff2430443c84b502c
-
SHA1
0321261ab00e21f04e6fce3b1d4bfe3922ed3cbd
-
SHA256
bfa21c905d4138da6271a80bf8bbe683a5803a5653555c116151e28c1539f79e
-
SHA512
e22d1d910337611b56230c4272ebf2b147d0e68b6943c3fe94fb328d966a152b27ec0ad0ff42fbf145e406d8d5de1e472e640d6f71d440707c86522e93871cab
-
SSDEEP
768:QsUuSrrHS7KljKrdFbCAX6e37Gy09BHqvgJtnvqfYfvhnEHqU09bS7KljKrdFbCK:QsKrr7ATfWHlvVEHp6ATbrr
Score10/10-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-