Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

21b9535baf...18.exe

windows7-x64

10

21b9535baf...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21b9535baf268cdf2f05a56be056599e_JaffaCakes118

  • Size

    96KB

  • Sample

    240703-khyyqayepn

  • MD5

    21b9535baf268cdf2f05a56be056599e

  • SHA1

    74d614ae09842947a16630d2257e8b40609151a0

  • SHA256

    e0e4c279d23e919cf9557309e14ed489ca1663b5d0f4178d29c6fb904fe71e66

  • SHA512

    0973a04b5b4f31f5fe655d7875600d2d5bec2482a213f1af6dae78c4e6dacf0714cba28ced136f479407b903979b78d6e282e157631b882e69a4f907dec855cf

  • SSDEEP

    1536:7CQBHVwf6cO/h8LkGulSc16l6u+NMMl/KlYv1Tq5ThFRNIjN:5V7hJlu8CFFRCN

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      21b9535baf268cdf2f05a56be056599e_JaffaCakes118

    • Size

      96KB

    • MD5

      21b9535baf268cdf2f05a56be056599e

    • SHA1

      74d614ae09842947a16630d2257e8b40609151a0

    • SHA256

      e0e4c279d23e919cf9557309e14ed489ca1663b5d0f4178d29c6fb904fe71e66

    • SHA512

      0973a04b5b4f31f5fe655d7875600d2d5bec2482a213f1af6dae78c4e6dacf0714cba28ced136f479407b903979b78d6e282e157631b882e69a4f907dec855cf

    • SSDEEP

      1536:7CQBHVwf6cO/h8LkGulSc16l6u+NMMl/KlYv1Tq5ThFRNIjN:5V7hJlu8CFFRCN

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks