Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

19941092c0...18.exe

windows7-x64

7

19941092c0...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    19941092c00fe2083d3615e6b248188b_JaffaCakes118

  • Size

    26KB

  • Sample

    240628-k6vafavapj

  • MD5

    19941092c00fe2083d3615e6b248188b

  • SHA1

    b026ac662b6e564a802f4b5b4e77271b6e892d56

  • SHA256

    8586dd4c94fa9f5c113c11c12c289321a3f9bdff99ab09132343155b637140db

  • SHA512

    be9f5d86ac1c3a887d10333ae0f7506be4b32c8ce4dd0f82286faed553aa6e27accac2c0158b27cbf88b359c3477ea555d52deab26b527a23f0c3d67f329cd63

  • SSDEEP

    384:5VgAFfec5YzWUIN5JJO7ocuDg+nUHJg0tx0/PUxS20:QMWqYzpITPAKuHJg070Ux

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      19941092c00fe2083d3615e6b248188b_JaffaCakes118

    • Size

      26KB

    • MD5

      19941092c00fe2083d3615e6b248188b

    • SHA1

      b026ac662b6e564a802f4b5b4e77271b6e892d56

    • SHA256

      8586dd4c94fa9f5c113c11c12c289321a3f9bdff99ab09132343155b637140db

    • SHA512

      be9f5d86ac1c3a887d10333ae0f7506be4b32c8ce4dd0f82286faed553aa6e27accac2c0158b27cbf88b359c3477ea555d52deab26b527a23f0c3d67f329cd63

    • SSDEEP

      384:5VgAFfec5YzWUIN5JJO7ocuDg+nUHJg0tx0/PUxS20:QMWqYzpITPAKuHJg070Ux

    Score
    7/10
    persistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks