Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

013ae272a8...18.exe

windows7-x64

8

013ae272a8...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    013ae272a8592dc71cf0e365224b4c5f_JaffaCakes118

  • Size

    17KB

  • Sample

    240619-3pwq2sxcme

  • MD5

    013ae272a8592dc71cf0e365224b4c5f

  • SHA1

    07c0c948d1dfdadaf5ca4ad3218321510c3b20e7

  • SHA256

    8f1efedc8a775a66d1f48033ce08ad85dd40382b802740a0c9c6be55e3081993

  • SHA512

    561c1c3af88f37b72c98012f93cac797df5c0c2149ebf2ba0ff3e93f87038bb5688aa4cf36b60a2cfa303f5398da8d8fc5c2d3f9d1f6008fd1e7a55ed2f8a9dd

  • SSDEEP

    384:Xb1YqflUofA8IT+kgPPYtCQ/ZfcyN5Q6gttA0nurPPnyhI:XbuCl5A8I7gYEwfcrJnqChI

Score
8/10
persistence

Malware Config

Targets

    • Target

      013ae272a8592dc71cf0e365224b4c5f_JaffaCakes118

    • Size

      17KB

    • MD5

      013ae272a8592dc71cf0e365224b4c5f

    • SHA1

      07c0c948d1dfdadaf5ca4ad3218321510c3b20e7

    • SHA256

      8f1efedc8a775a66d1f48033ce08ad85dd40382b802740a0c9c6be55e3081993

    • SHA512

      561c1c3af88f37b72c98012f93cac797df5c0c2149ebf2ba0ff3e93f87038bb5688aa4cf36b60a2cfa303f5398da8d8fc5c2d3f9d1f6008fd1e7a55ed2f8a9dd

    • SSDEEP

      384:Xb1YqflUofA8IT+kgPPYtCQ/ZfcyN5Q6gttA0nurPPnyhI:XbuCl5A8I7gYEwfcrJnqChI

    Score
    8/10
    persistence

    • Adds policy Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks