Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

15e3d638b0...18.exe

windows7-x64

7

15e3d638b0...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15e3d638b0e83ef0ab3db5a2565f4321_JaffaCakes118

  • Size

    111KB

  • Sample

    241005-dfg4vswarg

  • MD5

    15e3d638b0e83ef0ab3db5a2565f4321

  • SHA1

    43d7c7bf6b87451c2b19101f3955a2a5fa6c3837

  • SHA256

    d287b5089aaebfa8bc0ebeb3cf0e13b22758fba9cfadf153b62077e1caf96a3f

  • SHA512

    971411037b5dcd134f617ca0979c11a8a4d7bdedba22c4af07d5cc2fe655cb5eb3fdf83905d052914395f100ffdc250739c75b951070397183f681e6dfc8614a

  • SSDEEP

    3072:TQKqExR2Ch/ZJ27K7MbDR8GoY5/QMd0IvtcToHytctNg9JRVKd:IEbVzsbDRfN3vKToZkV

Score
7/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      15e3d638b0e83ef0ab3db5a2565f4321_JaffaCakes118

    • Size

      111KB

    • MD5

      15e3d638b0e83ef0ab3db5a2565f4321

    • SHA1

      43d7c7bf6b87451c2b19101f3955a2a5fa6c3837

    • SHA256

      d287b5089aaebfa8bc0ebeb3cf0e13b22758fba9cfadf153b62077e1caf96a3f

    • SHA512

      971411037b5dcd134f617ca0979c11a8a4d7bdedba22c4af07d5cc2fe655cb5eb3fdf83905d052914395f100ffdc250739c75b951070397183f681e6dfc8614a

    • SSDEEP

      3072:TQKqExR2Ch/ZJ27K7MbDR8GoY5/QMd0IvtcToHytctNg9JRVKd:IEbVzsbDRfN3vKToZkV

    Score
    7/10
    discoverypersistencespywarestealerupx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks