Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f78ce51671...18.exe

windows7-x64

7

f78ce51671...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f78ce516718cb7fc9ffa1c04dbea3595_JaffaCakes118

  • Size

    6.1MB

  • Sample

    240418-jfyphagc9v

  • MD5

    f78ce516718cb7fc9ffa1c04dbea3595

  • SHA1

    cf90acdc6c34e3576d1c29bee1d83c2862a756fd

  • SHA256

    6ccbedb7e89b7077f1b26ef73f26d364e788d06fc8410a24a4ade46a8c76683a

  • SHA512

    01c57526f4fd5c9bdbb4fe7bcd3cc7d973ef89747510c8400881dd1021d20a1b33845f4076f574e7a9dc3d932bcd77e73921594e1eeed6d13146f26b4debb267

  • SSDEEP

    196608:ON8jjoG1vhhff4xuvVf5lNTvN41xKkFi1zw9x7:ON8dnAuv9NaLKk0Nwz7

Score
7/10

Malware Config

Targets

    • Target

      f78ce516718cb7fc9ffa1c04dbea3595_JaffaCakes118

    • Size

      6.1MB

    • MD5

      f78ce516718cb7fc9ffa1c04dbea3595

    • SHA1

      cf90acdc6c34e3576d1c29bee1d83c2862a756fd

    • SHA256

      6ccbedb7e89b7077f1b26ef73f26d364e788d06fc8410a24a4ade46a8c76683a

    • SHA512

      01c57526f4fd5c9bdbb4fe7bcd3cc7d973ef89747510c8400881dd1021d20a1b33845f4076f574e7a9dc3d932bcd77e73921594e1eeed6d13146f26b4debb267

    • SSDEEP

      196608:ON8jjoG1vhhff4xuvVf5lNTvN41xKkFi1zw9x7:ON8dnAuv9NaLKk0Nwz7

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks