Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9

11f1499288...18.exe

windows7-x64

9

11f1499288...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11f1499288679bac0870831a881efc47_JaffaCakes118

  • Size

    1.4MB

  • Sample

    241004-fppw6swaqk

  • MD5

    11f1499288679bac0870831a881efc47

  • SHA1

    309e62411b16f46dbbc42876ae78208cb7fca88b

  • SHA256

    e85c520ff78f84143694003159eee729acd3591351e2205d4a4a249bb34bd844

  • SHA512

    a19f103d0b18f6ffebb4ba6fdb5c1be72e82572e5d2ff1126ae8c3bc0b022d0a27f3d0fe49b0f8a1352589ec35a00b93d762c43de7ba616b934ae6b2078d27ca

  • SSDEEP

    24576:pK+SC0Dhrr8ckM2DD4J1AF7SxV+TarvgUgOQTyI5mTgQnrKKY:pK+SPRrSsTYIrIUgOQ+tTLnWKY

Score
9/10
discoveryevasionupx

Malware Config

Targets

    • Target

      11f1499288679bac0870831a881efc47_JaffaCakes118

    • Size

      1.4MB

    • MD5

      11f1499288679bac0870831a881efc47

    • SHA1

      309e62411b16f46dbbc42876ae78208cb7fca88b

    • SHA256

      e85c520ff78f84143694003159eee729acd3591351e2205d4a4a249bb34bd844

    • SHA512

      a19f103d0b18f6ffebb4ba6fdb5c1be72e82572e5d2ff1126ae8c3bc0b022d0a27f3d0fe49b0f8a1352589ec35a00b93d762c43de7ba616b934ae6b2078d27ca

    • SSDEEP

      24576:pK+SC0Dhrr8ckM2DD4J1AF7SxV+TarvgUgOQTyI5mTgQnrKKY:pK+SPRrSsTYIrIUgOQ+tTLnWKY

    Score
    9/10
    discoveryevasionupx

    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks