Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

JaffaCakes...97.exe

windows7-x64

5

JaffaCakes...97.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_98226477de7a9fd9a88d7a37d98ec197

  • Size

    336KB

  • Sample

    250204-zpdnpa1rex

  • MD5

    98226477de7a9fd9a88d7a37d98ec197

  • SHA1

    7a92a4998a51028050ea38cbf0cb83fd9fd2f12f

  • SHA256

    dd6c65f4a57116c571439088d2db56dac39c57ac12e8f08ec9cc2d3ffa822cc8

  • SHA512

    fd254aaef7abccce649be5713eadbbb4ec013140fbddab164ec66312dc68cf908b5b188b17a6ce6e9f438aaed0cdcbdbc08041b247eec0850ac0a3f083916ce8

  • SSDEEP

    6144:uMGnnmhXC8tpftVKAFHKeHXkI3pwwHeyv7gemG/0DzyrpDl3WjG6O9RVPL2Wu:uOtVKqqeXkUZ+yv6G/QUFlIjODVSWu

Score
10/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      JaffaCakes118_98226477de7a9fd9a88d7a37d98ec197

    • Size

      336KB

    • MD5

      98226477de7a9fd9a88d7a37d98ec197

    • SHA1

      7a92a4998a51028050ea38cbf0cb83fd9fd2f12f

    • SHA256

      dd6c65f4a57116c571439088d2db56dac39c57ac12e8f08ec9cc2d3ffa822cc8

    • SHA512

      fd254aaef7abccce649be5713eadbbb4ec013140fbddab164ec66312dc68cf908b5b188b17a6ce6e9f438aaed0cdcbdbc08041b247eec0850ac0a3f083916ce8

    • SSDEEP

      6144:uMGnnmhXC8tpftVKAFHKeHXkI3pwwHeyv7gemG/0DzyrpDl3WjG6O9RVPL2Wu:uOtVKqqeXkUZ+yv6G/QUFlIjODVSWu

    Score
    10/10
    discoveryupxpersistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks