Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

16175ed53b...18.exe

windows7-x64

10

16175ed53b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16175ed53b3962d8c14c1ffd5f2482c7_JaffaCakes118

  • Size

    204KB

  • Sample

    240627-p8b9vssemc

  • MD5

    16175ed53b3962d8c14c1ffd5f2482c7

  • SHA1

    1c76ef23b41bae50dc700c0ee5cbbf9a1d05e7a7

  • SHA256

    26fede729834ee64c5bbe0cfa5516e72fb5dc361ace426c3cac2d8cc3c51ec0c

  • SHA512

    e289106343394ef5f884398cca66a05bfeb75f01e02c46d91a4e481164dcf2e4576c41aa5d8648a5cb8a16c4a4a76bbd61b8bb7c9ed1a695dd26a17e88621275

  • SSDEEP

    3072:1TqqZBXj3pZgjxp8HRfW+Ida220gN4JsBi40BuWNVYrcLwcYieNRrhomiyTfXIKg:1muxDpZgdORfWTmiDBuhTIaxu+7qT

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      16175ed53b3962d8c14c1ffd5f2482c7_JaffaCakes118

    • Size

      204KB

    • MD5

      16175ed53b3962d8c14c1ffd5f2482c7

    • SHA1

      1c76ef23b41bae50dc700c0ee5cbbf9a1d05e7a7

    • SHA256

      26fede729834ee64c5bbe0cfa5516e72fb5dc361ace426c3cac2d8cc3c51ec0c

    • SHA512

      e289106343394ef5f884398cca66a05bfeb75f01e02c46d91a4e481164dcf2e4576c41aa5d8648a5cb8a16c4a4a76bbd61b8bb7c9ed1a695dd26a17e88621275

    • SSDEEP

      3072:1TqqZBXj3pZgjxp8HRfW+Ida220gN4JsBi40BuWNVYrcLwcYieNRrhomiyTfXIKg:1muxDpZgdORfWTmiDBuhTIaxu+7qT

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks