Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

178ae9ec0d...18.exe

windows7-x64

7

178ae9ec0d...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    178ae9ec0d28ecbd42dec28de30376c5_JaffaCakes118

  • Size

    91KB

  • Sample

    240627-z1rdxstcmm

  • MD5

    178ae9ec0d28ecbd42dec28de30376c5

  • SHA1

    1d6ee629611b7e11fadb5153e214b9784cf9a950

  • SHA256

    87f95cf06cf4aca5be6bcf8e85ec2592611db73e32b703f6802b9679145f1f1a

  • SHA512

    c95e636fa0e1664a68fec663b14b296b5caa84788e9949627a3a51cb0f9ed7e155bb22edfea412ef819783d54fcc91d6348d1ebad628038f3a8c0b6573667df6

  • SSDEEP

    1536:ZiDLG7z8p+SZjBHdEhIxBtS5Q5grdU3+kNS9Y/bmF6uIo6nX7mNeomBZzJ1J+B00:ZifEzyPHdEaaQ5g2Ow2Y/bmF65NCNeoR

Score
7/10

Malware Config

Targets

    • Target

      178ae9ec0d28ecbd42dec28de30376c5_JaffaCakes118

    • Size

      91KB

    • MD5

      178ae9ec0d28ecbd42dec28de30376c5

    • SHA1

      1d6ee629611b7e11fadb5153e214b9784cf9a950

    • SHA256

      87f95cf06cf4aca5be6bcf8e85ec2592611db73e32b703f6802b9679145f1f1a

    • SHA512

      c95e636fa0e1664a68fec663b14b296b5caa84788e9949627a3a51cb0f9ed7e155bb22edfea412ef819783d54fcc91d6348d1ebad628038f3a8c0b6573667df6

    • SSDEEP

      1536:ZiDLG7z8p+SZjBHdEhIxBtS5Q5grdU3+kNS9Y/bmF6uIo6nX7mNeomBZzJ1J+B00:ZifEzyPHdEaaQ5g2Ow2Y/bmF65NCNeoR

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks