Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0fba87d3b9...18.exe

windows7-x64

7

0fba87d3b9...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0fba87d3b94e1f90df22213f00d5ea7e_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240328-zpynvshb22

  • MD5

    0fba87d3b94e1f90df22213f00d5ea7e

  • SHA1

    15c7efa94dd69adcf53d54b743549ddb5193f129

  • SHA256

    0f9b427738584fc7f7614e83d4b4bd3ba20c51302b5f8ed8f3615e92de1cdf8e

  • SHA512

    dcfbdd6eacd9fe2490e237a62f9dbb1fada7d1418b711f30f8a1c42b116e634d6ca7e563d6cc213c02a3a04595b0d11d622008fd30d828a0ddb52035d41699b2

  • SSDEEP

    24576:8uPmLDUMihIXCE59yc2Ag2JMH70vvAHzfw4Up6:8u+LIIX7+cFg2JMH70vvA84Up6

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      0fba87d3b94e1f90df22213f00d5ea7e_JaffaCakes118

    • Size

      1.1MB

    • MD5

      0fba87d3b94e1f90df22213f00d5ea7e

    • SHA1

      15c7efa94dd69adcf53d54b743549ddb5193f129

    • SHA256

      0f9b427738584fc7f7614e83d4b4bd3ba20c51302b5f8ed8f3615e92de1cdf8e

    • SHA512

      dcfbdd6eacd9fe2490e237a62f9dbb1fada7d1418b711f30f8a1c42b116e634d6ca7e563d6cc213c02a3a04595b0d11d622008fd30d828a0ddb52035d41699b2

    • SSDEEP

      24576:8uPmLDUMihIXCE59yc2Ag2JMH70vvAHzfw4Up6:8u+LIIX7+cFg2JMH70vvA84Up6

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks