Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

1b3d88ef5b...18.exe

windows7-x64

10

1b3d88ef5b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b3d88ef5b59e2b614c8be08fad7a452_JaffaCakes118

  • Size

    17.2MB

  • Sample

    240701-pad1sstgjp

  • MD5

    1b3d88ef5b59e2b614c8be08fad7a452

  • SHA1

    227991af3745dfcdc668c07abb06906eeb5f8b9b

  • SHA256

    bfee3c556a2ad412b539c0c319381561d644c1cf2c5058de123e28b44ed97ec7

  • SHA512

    d7c45dd7a425c9f2458b4bee569048d647f7c99d3889a699aadd5ae24317e07ad36b7817e6897598c39029a1353e0e73c7a266eae8741d3ce2dfeb9fd936b844

  • SSDEEP

    393216:mtJ/dhoexN5iXH91xwyRJWx/Eu1rYoOV:s1VxNg+yjGx1MoM

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      1b3d88ef5b59e2b614c8be08fad7a452_JaffaCakes118

    • Size

      17.2MB

    • MD5

      1b3d88ef5b59e2b614c8be08fad7a452

    • SHA1

      227991af3745dfcdc668c07abb06906eeb5f8b9b

    • SHA256

      bfee3c556a2ad412b539c0c319381561d644c1cf2c5058de123e28b44ed97ec7

    • SHA512

      d7c45dd7a425c9f2458b4bee569048d647f7c99d3889a699aadd5ae24317e07ad36b7817e6897598c39029a1353e0e73c7a266eae8741d3ce2dfeb9fd936b844

    • SSDEEP

      393216:mtJ/dhoexN5iXH91xwyRJWx/Eu1rYoOV:s1VxNg+yjGx1MoM

    Score
    10/10
    xmrigminerpersistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Cryptocurrency Miner

      Makes network request to known mining pool URL.

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks