General

  • Target

    0274d65f4ee68b1fb425357c713cf8bd_JaffaCakes118

  • Size

    211KB

  • Sample

    240620-d51x9swgmg

  • MD5

    0274d65f4ee68b1fb425357c713cf8bd

  • SHA1

    e9a7c1d9e8296eb8495160749d188aee55aaad02

  • SHA256

    7146f9eee55a4519eed0b9cde362fb84e47115b576937a149d613e8e018a23d6

  • SHA512

    df68405bb61675e3cc377d0e6a5972cbd5c03a1f37c708f24bb25ca323ac56569e17f1c6f62b2d34b503a447f705e46e566dc190d31cc959482797d9ef68dc66

  • SSDEEP

    3072:oUGPS1zzF2puPFG0bGzIMnzOI4faa8B57+g5B3Qg+YMDUVLZq6mViKJTjwKCtBGx:P1fFvtnqz5z9a8B5VfQChqxHqFg2Fk

Targets

    • Target

      0274d65f4ee68b1fb425357c713cf8bd_JaffaCakes118

    • Event Triggered Execution: AppCert DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppCert DLLs loaded into processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
