Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

d5671add72...18.exe

windows7-x64

8

d5671add72...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d5671add722cdca65ce15f29600eec47_JaffaCakes118

  • Size

    232KB

  • Sample

    240405-q3vppadf7x

  • MD5

    d5671add722cdca65ce15f29600eec47

  • SHA1

    bc417c926569205a12204446b966d72ca199e73c

  • SHA256

    df112e32296232cbbee9e0da6b4d40659604b654de9f65500c97a7576c0a0060

  • SHA512

    78be8ed94fd2e18280a9f8fa43b85569f98548901b7f924f9b49e72576b9cfbf4a34b8c74124381615549f940e2ac9f36f969cb142c8c9475dd665e42aecff65

  • SSDEEP

    3072:h7//9yazxLySP4/LN/PCeSuwz2b4g3+40cLxucVyQU7g7a7/gt9+JzCTL8BbRSCc:hM3SPsZ/Pe2b/3EcLxuHF0mU9vA

Score
8/10
upx

Malware Config

Targets

    • Target

      d5671add722cdca65ce15f29600eec47_JaffaCakes118

    • Size

      232KB

    • MD5

      d5671add722cdca65ce15f29600eec47

    • SHA1

      bc417c926569205a12204446b966d72ca199e73c

    • SHA256

      df112e32296232cbbee9e0da6b4d40659604b654de9f65500c97a7576c0a0060

    • SHA512

      78be8ed94fd2e18280a9f8fa43b85569f98548901b7f924f9b49e72576b9cfbf4a34b8c74124381615549f940e2ac9f36f969cb142c8c9475dd665e42aecff65

    • SSDEEP

      3072:h7//9yazxLySP4/LN/PCeSuwz2b4g3+40cLxucVyQU7g7a7/gt9+JzCTL8BbRSCc:hM3SPsZ/Pe2b/3EcLxuHF0mU9vA

    Score
    8/10
    upx

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks