Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

JaffaCakes...de.exe

windows7-x64

10

JaffaCakes...de.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_14286f5d33d5d0db8c2cf853588105de

  • Size

    136KB

  • Sample

    250106-hffcgs1pdn

  • MD5

    14286f5d33d5d0db8c2cf853588105de

  • SHA1

    0054237732dfb296e5b5429886a057e4374c1515

  • SHA256

    0bf8feda9e131c4b5bc7b17218880c3a492f702fa9fd6dc9d10f5a62a72aa08a

  • SHA512

    f8169fc9ed525a268dca75f6e1e836fae00dabe3876aaf4766d21cf8d883fa91f0e4a6c8c9fcee3daec6ac6db0100614e7bbf0720b9015cd98015043dafe627d

  • SSDEEP

    1536:jSMJImKSOog+MxVnWzC5sWgzb7W/MEA6Jm2taMMco3v:ll1OogjVnQCia/lAYVi

Score
10/10
guloaderdiscoverydownloader

Malware Config

Targets

    • Target

      JaffaCakes118_14286f5d33d5d0db8c2cf853588105de

    • Size

      136KB

    • MD5

      14286f5d33d5d0db8c2cf853588105de

    • SHA1

      0054237732dfb296e5b5429886a057e4374c1515

    • SHA256

      0bf8feda9e131c4b5bc7b17218880c3a492f702fa9fd6dc9d10f5a62a72aa08a

    • SHA512

      f8169fc9ed525a268dca75f6e1e836fae00dabe3876aaf4766d21cf8d883fa91f0e4a6c8c9fcee3daec6ac6db0100614e7bbf0720b9015cd98015043dafe627d

    • SSDEEP

      1536:jSMJImKSOog+MxVnWzC5sWgzb7W/MEA6Jm2taMMco3v:ll1OogjVnQCia/lAYVi

    Score
    10/10
    guloaderdiscoverydownloader

    • Guloader family

      guloader

    • Guloader,Cloudeye

      A shellcode based downloader first seen in 2020.

      downloaderguloader

    • Checks QEMU agent file

      Checks presence of QEMU agent, possibly to detect virtualization.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks