Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

fdade656db...18.exe

windows7-x64

1

fdade656db...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fdade656dbe21b750af957159863c56d_JaffaCakes118

  • Size

    630KB

  • Sample

    240420-z8tt1sah2s

  • MD5

    fdade656dbe21b750af957159863c56d

  • SHA1

    17f5402ef3fa0ffa858aed51f899a1e4a132bb52

  • SHA256

    2278173e5e1a188648cfbdc28969d3498f07b02faeee9d5c9d238cfec1c9a7f4

  • SHA512

    f9b6cd8641d79360831087e47f926682acdc495123ba6abd852e9dfa30a3195562bd238c8a73713a742cd4752f410a86942aa251a653f3fc23d14d6a49cab3df

  • SSDEEP

    12288:nuWI+N5yeDd+YyZICo61m6ZT6H+rru8DlViOHdjzSIlj839:uWI+NtdQ9m6ScueYIlj839

Score
9/10
evasion

Malware Config

Targets

    • Target

      fdade656dbe21b750af957159863c56d_JaffaCakes118

    • Size

      630KB

    • MD5

      fdade656dbe21b750af957159863c56d

    • SHA1

      17f5402ef3fa0ffa858aed51f899a1e4a132bb52

    • SHA256

      2278173e5e1a188648cfbdc28969d3498f07b02faeee9d5c9d238cfec1c9a7f4

    • SHA512

      f9b6cd8641d79360831087e47f926682acdc495123ba6abd852e9dfa30a3195562bd238c8a73713a742cd4752f410a86942aa251a653f3fc23d14d6a49cab3df

    • SSDEEP

      12288:nuWI+N5yeDd+YyZICo61m6ZT6H+rru8DlViOHdjzSIlj839:uWI+NtdQ9m6ScueYIlj839

    Score
    9/10
    evasion

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks