13e97c7dafc87ec81f5cf7fbe40d654c008c09b52ec7623b00b575eeca43be36 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

20ad938d53...18.exe

windows7-x64

7

20ad938d53...18.exe

windows10-2004-x64

7

Sharing

General

Target

20ad938d5304ae1db19382ffe2313553_JaffaCakes118
Size

1.2MB
Sample

240507-qj52bahc41
MD5

20ad938d5304ae1db19382ffe2313553
SHA1

d7ec235c00d1282c4edc41cd82d84e3481bc7831
SHA256

13e97c7dafc87ec81f5cf7fbe40d654c008c09b52ec7623b00b575eeca43be36
SHA512

df760cf8b755fbe7a651fd21444b9cbf21a5791ce0a8fa4736b2f8ec0c0feece545180d546af359b709b413de74703f5b8f4fc7fadd55f6c85d4d1e94e857d75
SSDEEP

12288:HwjVExzBxRKKGRmgMrAFElaT4ahw5HyzwLskOjxVEkK6DWkeCh8E4CiYWbkHAjDo:HyE1BWK8mgMOe5uW9g3EkKL/uTqZ1y

Score

7^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

20ad938d5304ae1db19382ffe2313553_JaffaCakes118.exe

Resource

win7-20240220-en

discovery evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

20ad938d5304ae1db19382ffe2313553_JaffaCakes118.exe

Resource

win10v2004-20240226-en

evasion persistence trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  20ad938d5304ae1db19382ffe2313553_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  20ad938d5304ae1db19382ffe2313553
- SHA1
  
  d7ec235c00d1282c4edc41cd82d84e3481bc7831
- SHA256
  
  13e97c7dafc87ec81f5cf7fbe40d654c008c09b52ec7623b00b575eeca43be36
- SHA512
  
  df760cf8b755fbe7a651fd21444b9cbf21a5791ce0a8fa4736b2f8ec0c0feece545180d546af359b709b413de74703f5b8f4fc7fadd55f6c85d4d1e94e857d75
- SSDEEP
  
  12288:HwjVExzBxRKKGRmgMrAFElaT4ahw5HyzwLskOjxVEkK6DWkeCh8E4CiYWbkHAjDo:HyE1BWK8mgMOe5uW9g3EkKL/uTqZ1y
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

evasionpersistencetrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.