Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

228874def7...18.exe

windows7-x64

8

228874def7...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    228874def7c66476be40389394d5ddc6_JaffaCakes118

  • Size

    19KB

  • Sample

    240703-qwl4zaygje

  • MD5

    228874def7c66476be40389394d5ddc6

  • SHA1

    fdf3f6c66f47e8d1641341424baea9ec8075a2fd

  • SHA256

    f50be667a3879fe4cda7b73d15971dddaad828b6dcfe983322737b2e9f46956f

  • SHA512

    385457724e99aa77e6e5b1217237809e1d03918f9928e3aa4b09f9b43ab096005e5e412240456c65dd7967a60841193b6cb896989e6aedf70928c6f9027f3b72

  • SSDEEP

    384:4U8l7m2vDBlXAyomDFuAxAagu3KkHF3Q03sxfhB4vZCWp208XCI6VDhAbkD+:4/l7m29qMDNxAagu3hQ0cJ6ZCQ2yIQDq

Score
8/10
persistence

Malware Config

Targets

    • Target

      228874def7c66476be40389394d5ddc6_JaffaCakes118

    • Size

      19KB

    • MD5

      228874def7c66476be40389394d5ddc6

    • SHA1

      fdf3f6c66f47e8d1641341424baea9ec8075a2fd

    • SHA256

      f50be667a3879fe4cda7b73d15971dddaad828b6dcfe983322737b2e9f46956f

    • SHA512

      385457724e99aa77e6e5b1217237809e1d03918f9928e3aa4b09f9b43ab096005e5e412240456c65dd7967a60841193b6cb896989e6aedf70928c6f9027f3b72

    • SSDEEP

      384:4U8l7m2vDBlXAyomDFuAxAagu3KkHF3Q03sxfhB4vZCWp208XCI6VDhAbkD+:4/l7m29qMDNxAagu3hQ0cJ6ZCQ2yIQDq

    Score
    8/10
    persistence

    • Event Triggered Execution: Image File Execution Options Injection

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks