General

  • Target

    107c093b6d8a6e84ba775aa397bfac80_JaffaCakes118

  • Size

    789KB

  • Sample

    241003-zryrmszcra

  • MD5

    107c093b6d8a6e84ba775aa397bfac80

  • SHA1

    5405c4bea6e9831076cc0d7eed5dc3ebfae76468

  • SHA256

    3f821fe7e872b7ee3823468408e6c8a7df6c51cae0b346c0cf64d55e0726d45b

  • SHA512

    59444076109daa1134fa89a49bafa269b9c6637696268603ca2e929fedd3353d92f16e6b432b7b1afb5731aa40986f45a3965e313b2ff722a70806eb5236f935

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27Qitjz:r5sJo6YrFUiyAak11Ltjz

Malware Config

Targets

    • Target

      107c093b6d8a6e84ba775aa397bfac80_JaffaCakes118

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
