General

  • Target

    0a94f5c501357c862c776044b213aa6f_JaffaCakes118

  • Size

    331KB

  • Sample

    241002-pbw8rsvflk

  • MD5

    0a94f5c501357c862c776044b213aa6f

  • SHA1

    374d6b7ddd26590720fadb6ce8cd6214788cd6f3

  • SHA256

    809a6bc586ffc5b3c4b20c95d7b6038a185e3a8227d4990cf876c369e811955b

  • SHA512

    d3ae5c1fa9cdfc3a1e12728843b8ce05a1d1435594013188678949e358a3209c63b8394fc80ba33e5412047ec43d6adba42059f45581c2f2fc28fa79ff7be3cf

  • SSDEEP

    6144:miuUgxQcgbB8RnbX7ykJX56r9VA77aqKdesXuB7W5kwfast72NTNm:l4xit4ekJEjqKdesXaC5kwRF2Nk

Score
7/10

Targets

    • Target

      Boleto.2a.via.arquivo.anexos.visualizar.exe.exe

    • Size

      478KB

    • MD5

      6981524ca41b3fdcdf2e17b1987e312b

    • SHA1

      6687c094e37b7367b924f09ee7b0fb44a71f9c39

    • SHA256

      830eda18b7bab059bb57b6d5f1ab225b0e19bc036501e26ba694062c0c903924

    • SHA512

      2e226128a4ad6941e73898a8571ef4aeede7a19e5938e3726fe1e989933a5c4b6c423d71d3ae4c2801a90deb5ff4652f0a8563bb9bcc1ba1f7cda088185b829f

    • SSDEEP

      6144:ZiLpzJlA3hTWyArrlMtSFXeww8Mlc02HLm+ZHBX0SZe2Tf/9VJUzVW4OX9WKKxK7:ZiLpjA3SaQeeZ6+Z+U/BNXnms

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
