Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

2c80e3532e...18.exe

windows7-x64

8

2c80e3532e...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c80e3532ef66b27dde987511f5dfa9e_JaffaCakes118

  • Size

    334KB

  • Sample

    240708-qk6z1atbkg

  • MD5

    2c80e3532ef66b27dde987511f5dfa9e

  • SHA1

    c4a3ca18a9b65d37b920af8b002f51e480e4091b

  • SHA256

    3234e825e7ee8be23803307d0333b60f89ffd821005ff8fa56b6df32dca5a398

  • SHA512

    2b8f37bda8c7bc9cb4e10a1f904d6980128536139eed7ceeeb4572cbc8724eec0fceb688d5c37cfe6c11cb9a093b7c77f03b4b5e901c5006381043bbee584b30

  • SSDEEP

    6144:/MZnW1YnbIZNWVxiMyoA2y7NQj55tZ9H3y1NCZx/tyADGVnyVb0a8m:lYbQuxiMnyZcHHRL/nDAny9Ym

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      2c80e3532ef66b27dde987511f5dfa9e_JaffaCakes118

    • Size

      334KB

    • MD5

      2c80e3532ef66b27dde987511f5dfa9e

    • SHA1

      c4a3ca18a9b65d37b920af8b002f51e480e4091b

    • SHA256

      3234e825e7ee8be23803307d0333b60f89ffd821005ff8fa56b6df32dca5a398

    • SHA512

      2b8f37bda8c7bc9cb4e10a1f904d6980128536139eed7ceeeb4572cbc8724eec0fceb688d5c37cfe6c11cb9a093b7c77f03b4b5e901c5006381043bbee584b30

    • SSDEEP

      6144:/MZnW1YnbIZNWVxiMyoA2y7NQj55tZ9H3y1NCZx/tyADGVnyVb0a8m:lYbQuxiMnyZcHHRL/nDAny9Ym

    Score
    8/10
    evasionpersistenceupx

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks