Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

f192be5480...18.exe

windows7-x64

10

f192be5480...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f192be548039bef6f44a51e0b3c42ff6_JaffaCakes118

  • Size

    264KB

  • Sample

    240415-vsfv1abf93

  • MD5

    f192be548039bef6f44a51e0b3c42ff6

  • SHA1

    d02b4c11809b4b5121757b5214d340981cbb5179

  • SHA256

    70e5e0bf439f5ce8dc1f1fd598465b3698b043b13d93bc915ad00544ea81e3fe

  • SHA512

    95befeb2edd80aac3dfd85790219719629f8e59389d619c83525c7eeffcb1456c2308b06fefa2a6242caf8291bd33e31c73c90899ccc836fd203cd32dd325dcd

  • SSDEEP

    3072:oka+QTRhTx5fFEZDp/aRg/utQa3V+LuJC0HezOVneDWxlVNMAZNz/wGHk71mUGdY:oRTzTx5WK3V+I6OVnHYGHk70dHL

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      f192be548039bef6f44a51e0b3c42ff6_JaffaCakes118

    • Size

      264KB

    • MD5

      f192be548039bef6f44a51e0b3c42ff6

    • SHA1

      d02b4c11809b4b5121757b5214d340981cbb5179

    • SHA256

      70e5e0bf439f5ce8dc1f1fd598465b3698b043b13d93bc915ad00544ea81e3fe

    • SHA512

      95befeb2edd80aac3dfd85790219719629f8e59389d619c83525c7eeffcb1456c2308b06fefa2a6242caf8291bd33e31c73c90899ccc836fd203cd32dd325dcd

    • SSDEEP

      3072:oka+QTRhTx5fFEZDp/aRg/utQa3V+LuJC0HezOVneDWxlVNMAZNz/wGHk71mUGdY:oRTzTx5WK3V+I6OVnHYGHk70dHL

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks