General

  • Target

    JaffaCakes118_613b9d57d7556eae3dc39fbfb0c9063e

  • Size

    717KB

  • Sample

    250101-28jp6aznay

  • MD5

    613b9d57d7556eae3dc39fbfb0c9063e

  • SHA1

    825400d0a23e0fbff09fc1a3a879d22de9436b4c

  • SHA256

    d411f29e2e52cebeaf4f4b13a0a6c1c04e19b51343a753a546781e4f2bd02369

  • SHA512

    5a072e135d665f5b2d081130fb45178fd1aa319e701c94641639f5e949026f638c1a22cbfbfa888d6569c3e5af132f1c711adabaad79f65330bd9837f43af262

  • SSDEEP

    12288:wpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIbn:KwAcu99lPzvxP+Bsz2XjWTRMQckkIb

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
