Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

f1308b0946...18.exe

windows7-x64

10

f1308b0946...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f1308b094665632786d006b7c204e2db_JaffaCakes118

  • Size

    216KB

  • Sample

    240415-qylwzshh9z

  • MD5

    f1308b094665632786d006b7c204e2db

  • SHA1

    8ee2d68f688cc5c314d82db01788401a76058064

  • SHA256

    6643d2b5576c1b7e78e0ed92dedc8c99cf97b5c03a87b76e65b69d6b892fdb96

  • SHA512

    5d349aab6014c9dcd10a06c7c59db06bb9cb9219813145694d5c4a2b7c652dcf63275676746093a8ffd9864af45254b955272ce068eebb711de2b0bd2f1bb591

  • SSDEEP

    6144:gqZxO4ECtrkQ5zgMZUP15HcAgonAmKfwDVAQ:Td1gMZUHcAgonAmZDV

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      f1308b094665632786d006b7c204e2db_JaffaCakes118

    • Size

      216KB

    • MD5

      f1308b094665632786d006b7c204e2db

    • SHA1

      8ee2d68f688cc5c314d82db01788401a76058064

    • SHA256

      6643d2b5576c1b7e78e0ed92dedc8c99cf97b5c03a87b76e65b69d6b892fdb96

    • SHA512

      5d349aab6014c9dcd10a06c7c59db06bb9cb9219813145694d5c4a2b7c652dcf63275676746093a8ffd9864af45254b955272ce068eebb711de2b0bd2f1bb591

    • SSDEEP

      6144:gqZxO4ECtrkQ5zgMZUP15HcAgonAmKfwDVAQ:Td1gMZUHcAgonAmZDV

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks