88f50b7ba3448b0b3a519a91a652a606ea72b1368ff269e887065a97d20fd248 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

ae8d9838a6...18.exe

windows7-x64

9

ae8d9838a6...18.exe

windows10-2004-x64

9

Sharing

General

Target

ae8d9838a64319a31fa3623381d51ce6_JaffaCakes118
Size

500KB
Sample

240615-qbm6javhjj
MD5

ae8d9838a64319a31fa3623381d51ce6
SHA1

0505e557365953f93e1e9f2baa7c50fb8c4274b4
SHA256

88f50b7ba3448b0b3a519a91a652a606ea72b1368ff269e887065a97d20fd248
SHA512

f384755e4d4a4f0b7c391feab7a91ef6ed8a8cbe69b2e2ed8f68bc50900027269c78a0804af131d1cabc40a96a235f610510693efeb54bde5e4860fbbeefc50d
SSDEEP

6144:vekcI4dnpjD9lTCJCEQ7JjPCMcTdz5CZj0zmo20eeCQ3+e6AuY+fnG9P94FKxuRi:vekKttqJb3muTCP/G/xuGIha

Score

9^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

ae8d9838a64319a31fa3623381d51ce6_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ae8d9838a64319a31fa3623381d51ce6_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ae8d9838a64319a31fa3623381d51ce6_JaffaCakes118
- Size
  
  500KB
- MD5
  
  ae8d9838a64319a31fa3623381d51ce6
- SHA1
  
  0505e557365953f93e1e9f2baa7c50fb8c4274b4
- SHA256
  
  88f50b7ba3448b0b3a519a91a652a606ea72b1368ff269e887065a97d20fd248
- SHA512
  
  f384755e4d4a4f0b7c391feab7a91ef6ed8a8cbe69b2e2ed8f68bc50900027269c78a0804af131d1cabc40a96a235f610510693efeb54bde5e4860fbbeefc50d
- SSDEEP
  
  6144:vekcI4dnpjD9lTCJCEQ7JjPCMcTdz5CZj0zmo20eeCQ3+e6AuY+fnG9P94FKxuRi:vekKttqJb3muTCP/G/xuGIha
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.