Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

0d9ddb1840...18.exe

windows7-x64

9

0d9ddb1840...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0d9ddb184039ff999e81ef7b60ab58f8_JaffaCakes118

  • Size

    5.0MB

  • Sample

    241003-dl6dmsvfrc

  • MD5

    0d9ddb184039ff999e81ef7b60ab58f8

  • SHA1

    8a37520bff1d9835af624a2c8fd3394a2d1777c1

  • SHA256

    abd15b81597018a7c433492d496317942e07935f249da14b9bfc95a813df3585

  • SHA512

    9f9e7e73c3ed0323b602e8113f9a1e9430eaf732e70c0f7ce998998f56a96ceb742731743fef43d41be1e6700fa4ce4c4f2d21154b1aa5d1ede300aee623febe

  • SSDEEP

    98304:qRgk0xOXhMUjwbRDXoI7GuS9/bYVZ0FX8Ipaky:ag98dcbRDXoI7TS9/W2xL

Score
9/10
discoveryevasion

Malware Config

Targets

    • Target

      0d9ddb184039ff999e81ef7b60ab58f8_JaffaCakes118

    • Size

      5.0MB

    • MD5

      0d9ddb184039ff999e81ef7b60ab58f8

    • SHA1

      8a37520bff1d9835af624a2c8fd3394a2d1777c1

    • SHA256

      abd15b81597018a7c433492d496317942e07935f249da14b9bfc95a813df3585

    • SHA512

      9f9e7e73c3ed0323b602e8113f9a1e9430eaf732e70c0f7ce998998f56a96ceb742731743fef43d41be1e6700fa4ce4c4f2d21154b1aa5d1ede300aee623febe

    • SSDEEP

      98304:qRgk0xOXhMUjwbRDXoI7GuS9/bYVZ0FX8Ipaky:ag98dcbRDXoI7TS9/W2xL

    Score
    9/10
    discoveryevasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks