Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

faf828c397...18.exe

windows7-x64

7

faf828c397...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    faf828c3979446d42bc45c49a61b8dc8_JaffaCakes118

  • Size

    288KB

  • Sample

    240927-1r3w2a1frq

  • MD5

    faf828c3979446d42bc45c49a61b8dc8

  • SHA1

    e186b1b62cbba0b1adc4f74525e5b5e901eb1ebc

  • SHA256

    33a365cd25fcbb0b7b8a4c6ab48d6e5906c4a8e5e5f701f33925253b521e2e57

  • SHA512

    853acf376be4c6afffc99707b9d6bc1aec82426aec6b335cd65b4477f02168bf4ee98fb4bb65bd65dd2007200fb7cfee6250285e45e36f2b473cbe9422dc0ca2

  • SSDEEP

    6144:rJlZSBGgRIRhc45O7GLTWsweAF8M3A2hu7QxterCffIdP7b4nYFoS:rJlZSBGr7c/GLTPnJMw2huEqWffAX4Yv

Score
7/10
discoverythemida

Malware Config

Targets

    • Target

      faf828c3979446d42bc45c49a61b8dc8_JaffaCakes118

    • Size

      288KB

    • MD5

      faf828c3979446d42bc45c49a61b8dc8

    • SHA1

      e186b1b62cbba0b1adc4f74525e5b5e901eb1ebc

    • SHA256

      33a365cd25fcbb0b7b8a4c6ab48d6e5906c4a8e5e5f701f33925253b521e2e57

    • SHA512

      853acf376be4c6afffc99707b9d6bc1aec82426aec6b335cd65b4477f02168bf4ee98fb4bb65bd65dd2007200fb7cfee6250285e45e36f2b473cbe9422dc0ca2

    • SSDEEP

      6144:rJlZSBGgRIRhc45O7GLTWsweAF8M3A2hu7QxterCffIdP7b4nYFoS:rJlZSBGr7c/GLTPnJMw2huEqWffAX4Yv

    Score
    7/10
    discoverythemida

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks