Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

0c27d97f58...18.exe

windows7-x64

10

0c27d97f58...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0c27d97f58f86e0bf6743ad0597004b2_JaffaCakes118

  • Size

    188KB

  • Sample

    240625-ddzk5axbnc

  • MD5

    0c27d97f58f86e0bf6743ad0597004b2

  • SHA1

    0ecf9581f4b363943e414a72c966f1d71f508bb1

  • SHA256

    6d0fbce3c3903013dd9e69ed3416f1e728db7baa369ca20f3fc6a8e87b5c6e8d

  • SHA512

    5aa7a66024e1631bc35e01b012bce42001e4f141bc59e348ad4248c46fd18210ab985ccbf1fcf7402f23ba0c7191e6c7c8d193f085326c8ec653939783b61336

  • SSDEEP

    3072:K7fyP+o5ROnFH5pY0hrDGILpLI0M/Dk4KrfXRdjnbk9bOlezfQnFTTvprw1W67W6:K76P+LCKs0tzXRdjbk9bbyvprww8W

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      0c27d97f58f86e0bf6743ad0597004b2_JaffaCakes118

    • Size

      188KB

    • MD5

      0c27d97f58f86e0bf6743ad0597004b2

    • SHA1

      0ecf9581f4b363943e414a72c966f1d71f508bb1

    • SHA256

      6d0fbce3c3903013dd9e69ed3416f1e728db7baa369ca20f3fc6a8e87b5c6e8d

    • SHA512

      5aa7a66024e1631bc35e01b012bce42001e4f141bc59e348ad4248c46fd18210ab985ccbf1fcf7402f23ba0c7191e6c7c8d193f085326c8ec653939783b61336

    • SSDEEP

      3072:K7fyP+o5ROnFH5pY0hrDGILpLI0M/Dk4KrfXRdjnbk9bOlezfQnFTTvprw1W67W6:K76P+LCKs0tzXRdjbk9bbyvprww8W

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks