Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ef5b493d9f0cc3fc77d176514f59ebce_JaffaCakes118
-
Size
176KB
-
Sample
240921-jqqfwasarp
-
MD5
ef5b493d9f0cc3fc77d176514f59ebce
-
SHA1
159383df978d817fda509c2f6cbb3ce64f70f24c
-
SHA256
582c7a9d41684c01b503c411ce2edacd1bcf1b298e7c904718a55f3889d28509
-
SHA512
01d2eea3434725f42fcba2aa4516d3e9b07de5de878ccd37910a58b7c7f65126987a09c7975213462360d8745eb2996b1151ac218b58666926b4de6b62749fdf
-
SSDEEP
1536:2WU4j6iAxUazRrE8272/S8vZMQKXPRnZoJ3pTJZQb:2WUQ6iAxdxL26xvZiZnSJ3pTJSb
Static task
static1
Behavioral task
behavioral1
Sample
ef5b493d9f0cc3fc77d176514f59ebce_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ef5b493d9f0cc3fc77d176514f59ebce_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
guloader
https://drive.google.com/uc?export=download&id=1VVEsy2z-Lqx6Tkbg4tlN6vp80EESLHVt
Targets
-
-
Target
ef5b493d9f0cc3fc77d176514f59ebce_JaffaCakes118
-
Size
176KB
-
MD5
ef5b493d9f0cc3fc77d176514f59ebce
-
SHA1
159383df978d817fda509c2f6cbb3ce64f70f24c
-
SHA256
582c7a9d41684c01b503c411ce2edacd1bcf1b298e7c904718a55f3889d28509
-
SHA512
01d2eea3434725f42fcba2aa4516d3e9b07de5de878ccd37910a58b7c7f65126987a09c7975213462360d8745eb2996b1151ac218b58666926b4de6b62749fdf
-
SSDEEP
1536:2WU4j6iAxUazRrE8272/S8vZMQKXPRnZoJ3pTJZQb:2WUQ6iAxdxL26xvZiZnSJ3pTJSb
Score10/10-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-