24b1650098b95b828484840088a0378ba90276f8f8c25395d6c4fcd4452e7e3c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

061f8e81f1...18.exe

windows7-x64

8

061f8e81f1...18.exe

windows10-2004-x64

8

Sharing

General

Target

061f8e81f1e29af0c6dfae94fc31f992_JaffaCakes118
Size

52KB
Sample

240620-p2bdzssdpm
MD5

061f8e81f1e29af0c6dfae94fc31f992
SHA1

054ba0d47c3f49bf1fdacac81dfbc08a95673928
SHA256

24b1650098b95b828484840088a0378ba90276f8f8c25395d6c4fcd4452e7e3c
SHA512

66b7c7e60d0f9890985157d837a999925d7e8b5cef9bc0ba2a1105d29c161ee34db1c8da7901fbb7dd149e3fa156b023b78312edc4e34a78d4afd2f605bd97b1
SSDEEP

768:ZibOwazBZD4GDCsfO8hFaMEqIuMB1elTy9xD+MdlYE9EbuLy3FFdIYSNjdxGltXY:EKpnVPhZSGy9xD+iYEgYy1TgMltlu4

Score

8^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

061f8e81f1e29af0c6dfae94fc31f992_JaffaCakes118.exe

Resource

win7-20240508-en

persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

061f8e81f1e29af0c6dfae94fc31f992_JaffaCakes118.exe

Resource

win10v2004-20240508-en

persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  061f8e81f1e29af0c6dfae94fc31f992_JaffaCakes118
- Size
  
  52KB
- MD5
  
  061f8e81f1e29af0c6dfae94fc31f992
- SHA1
  
  054ba0d47c3f49bf1fdacac81dfbc08a95673928
- SHA256
  
  24b1650098b95b828484840088a0378ba90276f8f8c25395d6c4fcd4452e7e3c
- SHA512
  
  66b7c7e60d0f9890985157d837a999925d7e8b5cef9bc0ba2a1105d29c161ee34db1c8da7901fbb7dd149e3fa156b023b78312edc4e34a78d4afd2f605bd97b1
- SSDEEP
  
  768:ZibOwazBZD4GDCsfO8hFaMEqIuMB1elTy9xD+MdlYE9EbuLy3FFdIYSNjdxGltXY:EKpnVPhZSGy9xD+iYEgYy1TgMltlu4
Score

8^/10

persistence upx
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy