0e72a91521feec6563f3efcebb06dfaab40d334e576a1fb14397bbe7952e6721 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

ff3a026721...18.exe

windows7-x64

7

ff3a026721...18.exe

windows10-2004-x64

7

Sharing

General

Target

ff3a02672149effa6689afaa085fa5fe_JaffaCakes118
Size

3.0MB
Sample

240421-n5w97aag43
MD5

ff3a02672149effa6689afaa085fa5fe
SHA1

c1a6e0de3e0bced093bf149d9b2f98579ea02b3a
SHA256

0e72a91521feec6563f3efcebb06dfaab40d334e576a1fb14397bbe7952e6721
SHA512

05db034a20dc3c0f30d2528f043ba57ed0d4e1530880bd30addb572a5e9906eb8d37f0a67292be0d2d4b90df0fd1d9636d6ed356e7b0b1cde2882a24e9fcfe22
SSDEEP

49152:xVNDUFmDI2v8ccPIWcakLHQK50ZEIrBLcakLvUcb5jacakLHQK50ZEIrBLcakLj:JDUFmDI2v8ccPIWcakLv02IrBLcakwcl

Score

7^/10

upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ff3a02672149effa6689afaa085fa5fe_JaffaCakes118.exe

Resource

win7-20240215-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff3a02672149effa6689afaa085fa5fe_JaffaCakes118.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  ff3a02672149effa6689afaa085fa5fe_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  ff3a02672149effa6689afaa085fa5fe
- SHA1
  
  c1a6e0de3e0bced093bf149d9b2f98579ea02b3a
- SHA256
  
  0e72a91521feec6563f3efcebb06dfaab40d334e576a1fb14397bbe7952e6721
- SHA512
  
  05db034a20dc3c0f30d2528f043ba57ed0d4e1530880bd30addb572a5e9906eb8d37f0a67292be0d2d4b90df0fd1d9636d6ed356e7b0b1cde2882a24e9fcfe22
- SSDEEP
  
  49152:xVNDUFmDI2v8ccPIWcakLHQK50ZEIrBLcakLvUcb5jacakLHQK50ZEIrBLcakLj:JDUFmDI2v8ccPIWcakLv02IrBLcakwcl
Score

7^/10

upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy