Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

5

12fe44da33...18.exe

windows7-x64

7

12fe44da33...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    12fe44da33d2a9ca3d82e4eeb8bc4ec2_JaffaCakes118

  • Size

    227KB

  • Sample

    241004-mnztbayhkq

  • MD5

    12fe44da33d2a9ca3d82e4eeb8bc4ec2

  • SHA1

    9664c8a7a1cc9015ec66439b3bd95606192e331a

  • SHA256

    bc481ffb7d1192a0cab5d05ce8e8f8ed6b34a8ba6b142fae75c9915bbe6bceda

  • SHA512

    8305fc7792fba5ec0f5050315f8ac102de5b7336bc638d5e0ca7d61d94f2a2b401d482b9f279c057da4e231ad038af72229e19200b29acd8e974cc52ce7ce82e

  • SSDEEP

    3072:sr3KcWmjRrzSsYYMvDzY5lBLR7oDTJiajsCQ6uY+CPnvwFbR3W6D8ot36bVef5EY:/8i7sB97iTMBKvcdms53E+5qlcAurz

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      12fe44da33d2a9ca3d82e4eeb8bc4ec2_JaffaCakes118

    • Size

      227KB

    • MD5

      12fe44da33d2a9ca3d82e4eeb8bc4ec2

    • SHA1

      9664c8a7a1cc9015ec66439b3bd95606192e331a

    • SHA256

      bc481ffb7d1192a0cab5d05ce8e8f8ed6b34a8ba6b142fae75c9915bbe6bceda

    • SHA512

      8305fc7792fba5ec0f5050315f8ac102de5b7336bc638d5e0ca7d61d94f2a2b401d482b9f279c057da4e231ad038af72229e19200b29acd8e974cc52ce7ce82e

    • SSDEEP

      3072:sr3KcWmjRrzSsYYMvDzY5lBLR7oDTJiajsCQ6uY+CPnvwFbR3W6D8ot36bVef5EY:/8i7sB97iTMBKvcdms53E+5qlcAurz

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks