Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

JaffaCakes...72.exe

windows7-x64

10

JaffaCakes...72.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_342751878d07e46f3efd6b853cf06272

  • Size

    62KB

  • Sample

    250228-ymst6av1ez

  • MD5

    342751878d07e46f3efd6b853cf06272

  • SHA1

    1d5199f7c879f803d50fa59896f89145e67bd699

  • SHA256

    13b21bf5da95f824edc00639c6cf87462c95709de4b219eb118a6534d8d5cdc3

  • SHA512

    19d64331046e5ff95c99eb98dddb03a72018d504b3471478a62f9e6ea7e2460d295e5a661ecb4f38e34bddb82d8f4f0896dff320fe6be671f08ba81ea5926b64

  • SSDEEP

    1536:zPu7RNHlimXv8ikO+hBXT7G/5Pa0C9+XLUY:QL7vV+hp7Sap+bUY

Score
10/10
vobfusdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_342751878d07e46f3efd6b853cf06272

    • Size

      62KB

    • MD5

      342751878d07e46f3efd6b853cf06272

    • SHA1

      1d5199f7c879f803d50fa59896f89145e67bd699

    • SHA256

      13b21bf5da95f824edc00639c6cf87462c95709de4b219eb118a6534d8d5cdc3

    • SHA512

      19d64331046e5ff95c99eb98dddb03a72018d504b3471478a62f9e6ea7e2460d295e5a661ecb4f38e34bddb82d8f4f0896dff320fe6be671f08ba81ea5926b64

    • SSDEEP

      1536:zPu7RNHlimXv8ikO+hBXT7G/5Pa0C9+XLUY:QL7vV+hp7Sap+bUY

    Score
    10/10
    vobfusdiscoverypersistenceupxworm

    • Vobfus

      A widespread worm which spreads via network drives and removable media.

      wormvobfus

    • Vobfus family

      vobfus

    • Adds policy Run key to start application

      persistence

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks