Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

1c2aa519cf...18.exe

windows7-x64

6

1c2aa519cf...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1c2aa519cf1a087fd5bc9b16f3b29fbf_JaffaCakes118

  • Size

    388KB

  • Sample

    240701-xtvrnayaqm

  • MD5

    1c2aa519cf1a087fd5bc9b16f3b29fbf

  • SHA1

    cca1d82c54587343885b8ef28b3ec2e12e0ccc2f

  • SHA256

    6f9ff374fe39ab45d30d728317dd3afaa5f307637eba3e4e7dcd7eb50084023f

  • SHA512

    b88117ddec7a9034d6d9379ab39597dcfa92053f6b199771992f6a357711b9ec88c0321a9d23c1703a2ce432874dcefa20ddbc721d2e8c03a61b5fab3ba598b7

  • SSDEEP

    6144:uBIHYIw4oP7kvzP3VyQgkrydG5/YHcUWF4/G4TyQOI5JgpcvqNplcwaNC:up4oPs3VvgldG5/4WF4fT0Iw5piNC

Score
6/10

Malware Config

Targets

    • Target

      1c2aa519cf1a087fd5bc9b16f3b29fbf_JaffaCakes118

    • Size

      388KB

    • MD5

      1c2aa519cf1a087fd5bc9b16f3b29fbf

    • SHA1

      cca1d82c54587343885b8ef28b3ec2e12e0ccc2f

    • SHA256

      6f9ff374fe39ab45d30d728317dd3afaa5f307637eba3e4e7dcd7eb50084023f

    • SHA512

      b88117ddec7a9034d6d9379ab39597dcfa92053f6b199771992f6a357711b9ec88c0321a9d23c1703a2ce432874dcefa20ddbc721d2e8c03a61b5fab3ba598b7

    • SSDEEP

      6144:uBIHYIw4oP7kvzP3VyQgkrydG5/YHcUWF4/G4TyQOI5JgpcvqNplcwaNC:up4oPs3VvgldG5/4WF4fT0Iw5piNC

    Score
    6/10

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks