Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

24c639a182...18.exe

windows7-x64

8

24c639a182...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    24c639a18297db41949983f59e4054fa_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240704-f3g4gswfql

  • MD5

    24c639a18297db41949983f59e4054fa

  • SHA1

    999b084361f15698429f7d3c76462e2f45215161

  • SHA256

    b90c45b593caa67d5c686b4c0ae43364be4fedcaf801c57cd08b39c8f66bc1ab

  • SHA512

    4673629b812587745fb62d9a261b6487d7e5322dd57f109a70fc17d12621a8f6fb5c509f1f64b7253259cd9a801c34f5a207f043657f0641b23a76098e3bcc1a

  • SSDEEP

    12288:eg8GBI8sEyF6O5O2xDTMuQQpRhO54snV80LLbmVSpcStKpq9gJvvUotI45Ce7rQo:e4BQEwlFTjgN/bm0Lf9EvUo75CePpTk

Score
8/10
evasionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      24c639a18297db41949983f59e4054fa_JaffaCakes118

    • Size

      1.2MB

    • MD5

      24c639a18297db41949983f59e4054fa

    • SHA1

      999b084361f15698429f7d3c76462e2f45215161

    • SHA256

      b90c45b593caa67d5c686b4c0ae43364be4fedcaf801c57cd08b39c8f66bc1ab

    • SHA512

      4673629b812587745fb62d9a261b6487d7e5322dd57f109a70fc17d12621a8f6fb5c509f1f64b7253259cd9a801c34f5a207f043657f0641b23a76098e3bcc1a

    • SSDEEP

      12288:eg8GBI8sEyF6O5O2xDTMuQQpRhO54snV80LLbmVSpcStKpq9gJvvUotI45Ce7rQo:e4BQEwlFTjgN/bm0Lf9EvUo75CePpTk

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Disables Task Manager via registry modification

      evasion

    • Event Triggered Execution: AppCert DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppCert DLLs loaded into processes.

      persistenceprivilege_escalation

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks