Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f9a00dc4a9...18.exe

windows7-x64

7

f9a00dc4a9...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9a00dc4a9637fa216630f4d5e2c8b37_JaffaCakes118

  • Size

    98KB

  • Sample

    240927-d1l9bawcmb

  • MD5

    f9a00dc4a9637fa216630f4d5e2c8b37

  • SHA1

    58c2ea15ecab7eb1674fb3a29f0b72b222da826b

  • SHA256

    120c24760fff974d67ae75bfbc2dba7cf583170cdf2a8c31adf9691cc77a0ef5

  • SHA512

    15edf799761216a564d4872811a02dc3c269a2dc7a66f5fe399624e1524df16323c66434527a2f39be4784c85143dc57632f94e87afe640862eaef3186edb33a

  • SSDEEP

    1536:9AuxfK6DOHpn2+3wc+TBsYu1fOc7kOi1mkCzzT/sX083Mkd3cklj:9AeAJ2+3YvyfOAsmkC3T/K5MEP

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      f9a00dc4a9637fa216630f4d5e2c8b37_JaffaCakes118

    • Size

      98KB

    • MD5

      f9a00dc4a9637fa216630f4d5e2c8b37

    • SHA1

      58c2ea15ecab7eb1674fb3a29f0b72b222da826b

    • SHA256

      120c24760fff974d67ae75bfbc2dba7cf583170cdf2a8c31adf9691cc77a0ef5

    • SHA512

      15edf799761216a564d4872811a02dc3c269a2dc7a66f5fe399624e1524df16323c66434527a2f39be4784c85143dc57632f94e87afe640862eaef3186edb33a

    • SSDEEP

      1536:9AuxfK6DOHpn2+3wc+TBsYu1fOc7kOi1mkCzzT/sX083Mkd3cklj:9AeAJ2+3YvyfOAsmkC3T/K5MEP

    Score
    7/10
    discoverypersistencespywarestealer

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks