Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

JaffaCakes...5d.exe

windows7-x64

10

JaffaCakes...5d.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_03c222c69a38ae806d171b3a48fa2a5d

  • Size

    152KB

  • Sample

    241231-ell6fawphv

  • MD5

    03c222c69a38ae806d171b3a48fa2a5d

  • SHA1

    633bda88fa088ef1f07e0dad0ee7c3e6d577efac

  • SHA256

    3b155f1e387567be9b8d6c1d2c507dc0484c046b9b2c332617c1843cea04b7e2

  • SHA512

    013e0272483bd4d4ae5346eb2bf132553ddd9794d055ccaa5e722f0513a9b129e7fccf7c5fc838a3075f9f77116eefc6215671a3d9afa320b00ed4138fdb2b55

  • SSDEEP

    1536:c1DMz1DQvXLq6t7awFONecenlLnQHIG5R9c73P600t:9eGw9A0rC00t

Score
10/10
modiloaderdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_03c222c69a38ae806d171b3a48fa2a5d

    • Size

      152KB

    • MD5

      03c222c69a38ae806d171b3a48fa2a5d

    • SHA1

      633bda88fa088ef1f07e0dad0ee7c3e6d577efac

    • SHA256

      3b155f1e387567be9b8d6c1d2c507dc0484c046b9b2c332617c1843cea04b7e2

    • SHA512

      013e0272483bd4d4ae5346eb2bf132553ddd9794d055ccaa5e722f0513a9b129e7fccf7c5fc838a3075f9f77116eefc6215671a3d9afa320b00ed4138fdb2b55

    • SSDEEP

      1536:c1DMz1DQvXLq6t7awFONecenlLnQHIG5R9c73P600t:9eGw9A0rC00t

    Score
    10/10
    modiloaderdiscoverypersistencetrojanupx

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

      trojanmodiloader

    • Modiloader family

      modiloader

    • ModiLoader Second Stage

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.