Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Driver_Dar...00.exe

windows7-x64

8

Driver_Dar...00.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a7999fdc22267dfb694ae78d0d459f32_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240614-b56gmszhpe

  • MD5

    a7999fdc22267dfb694ae78d0d459f32

  • SHA1

    fc59409ba28138bd3841a653fa9466dcb1f235eb

  • SHA256

    7e86ee2b25f878cdeba22b0aa54c9220784eacc3254cc87316a9e897870acfcc

  • SHA512

    bffde29c0d120c59d4c2a7e88281bed18589e5df335d67be41574898a7da042a1b7944052120174078d08753320da6bee3846faf1d90f06c2a2e1d414437cd83

  • SSDEEP

    49152:Dgmpze/f35PphJ/eyTpmvZOWf+Fu4PadC04B9CNsxTRHd7F0hQhjRvaPQKhn3u2F:Dzze33Tn/xTp4Ff+g4pCsv7F1jRvoneA

Score
8/10

Malware Config

Targets

    • Target

      Driver_Daruma_S700.exe

    • Size

      2.9MB

    • MD5

      1cfce8394154d228e41ad27c6f7c95b1

    • SHA1

      8327060ec76507d23310a2c5d5e13754d8fbf3b3

    • SHA256

      c40a8fc908bde7b50e0c2ba23b777dc5fa7eb443db08566cc36ef1576dcbf06b

    • SHA512

      d916dd5d11b43683cad0410f450bd9444fa7f15e2a75134c466e1722d0248a29d2373a2686075c300e614b969f9862c78627df1c4a876ecd97eb5703c23cd1ed

    • SSDEEP

      49152:uySX1qHfDjV5TZDCilpuPLwkJIF6ur6540W5/2pU79RhdTz07shjRhGPSWxldQOX:u51q/DH1DVlpCTJII6926DTzJjRhGlik

    Score
    8/10

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks