General
-
Target
a7999fdc22267dfb694ae78d0d459f32_JaffaCakes118
-
Size
2.9MB
-
Sample
240614-b56gmszhpe
-
MD5
a7999fdc22267dfb694ae78d0d459f32
-
SHA1
fc59409ba28138bd3841a653fa9466dcb1f235eb
-
SHA256
7e86ee2b25f878cdeba22b0aa54c9220784eacc3254cc87316a9e897870acfcc
-
SHA512
bffde29c0d120c59d4c2a7e88281bed18589e5df335d67be41574898a7da042a1b7944052120174078d08753320da6bee3846faf1d90f06c2a2e1d414437cd83
-
SSDEEP
49152:Dgmpze/f35PphJ/eyTpmvZOWf+Fu4PadC04B9CNsxTRHd7F0hQhjRvaPQKhn3u2F:Dzze33Tn/xTp4Ff+g4pCsv7F1jRvoneA
Static task
static1
Behavioral task
behavioral1
Sample
Driver_Daruma_S700.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
Driver_Daruma_S700.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Driver_Daruma_S700.exe
-
Size
2.9MB
-
MD5
1cfce8394154d228e41ad27c6f7c95b1
-
SHA1
8327060ec76507d23310a2c5d5e13754d8fbf3b3
-
SHA256
c40a8fc908bde7b50e0c2ba23b777dc5fa7eb443db08566cc36ef1576dcbf06b
-
SHA512
d916dd5d11b43683cad0410f450bd9444fa7f15e2a75134c466e1722d0248a29d2373a2686075c300e614b969f9862c78627df1c4a876ecd97eb5703c23cd1ed
-
SSDEEP
49152:uySX1qHfDjV5TZDCilpuPLwkJIF6ur6540W5/2pU79RhdTz07shjRhGPSWxldQOX:u51q/DH1DVlpCTJII6926DTzJjRhGlik
Score
8/10
-
Manipulates Digital Signatures
Attackers can use techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-