Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

ec2b20bece...18.exe

windows7-x64

8

ec2b20bece...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ec2b20becef5e1f5f15b87bc9d88a4b8_JaffaCakes118

  • Size

    384KB

  • Sample

    240410-2w382agg5t

  • MD5

    ec2b20becef5e1f5f15b87bc9d88a4b8

  • SHA1

    5e439560f28d53f10fa6f099839fd90a3ecf0bdf

  • SHA256

    c83f4c842477d38509ae96f737ff0d21e247ba39125e78c3c3c6c390a9f2fbe0

  • SHA512

    3c52b046369c67722c777e2c2c1e637c629c22f4dde1e36327dc2cbaaad879eeb320f876d823280752665fed20fca9e30c46c12aa5f5b0a17b348d145c7381cd

  • SSDEEP

    6144:rJdjOLB+HmuYY5/NvTKfdqZV5Acf0cF2FddKllTvY9FyO8y67rvJI0ls5C:rvjmB+t/NvOgZV5Aq0R6FvsI/R7

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      ec2b20becef5e1f5f15b87bc9d88a4b8_JaffaCakes118

    • Size

      384KB

    • MD5

      ec2b20becef5e1f5f15b87bc9d88a4b8

    • SHA1

      5e439560f28d53f10fa6f099839fd90a3ecf0bdf

    • SHA256

      c83f4c842477d38509ae96f737ff0d21e247ba39125e78c3c3c6c390a9f2fbe0

    • SHA512

      3c52b046369c67722c777e2c2c1e637c629c22f4dde1e36327dc2cbaaad879eeb320f876d823280752665fed20fca9e30c46c12aa5f5b0a17b348d145c7381cd

    • SSDEEP

      6144:rJdjOLB+HmuYY5/NvTKfdqZV5Acf0cF2FddKllTvY9FyO8y67rvJI0ls5C:rvjmB+t/NvOgZV5Aq0R6FvsI/R7

    Score
    8/10
    discoverypersistence

    • Drops file in Drivers directory

    • Sets DLL path for service in the registry

      persistence

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks