Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

2e7d15a532...18.dll

windows7-x64

8

2e7d15a532...18.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e7d15a5329ade0f17ab8224c3925d3a_JaffaCakes118

  • Size

    32KB

  • Sample

    240709-bkkpfayclk

  • MD5

    2e7d15a5329ade0f17ab8224c3925d3a

  • SHA1

    4022beb5f1c2fa63a2d80cc9e55a369bc7175436

  • SHA256

    c4ae7e7bd0f94c4ff8892b14295ad2d74279e1082a03e1758231e79c94f16403

  • SHA512

    ce2340f9df04ab6f9df7766f41bbbb74fe27a9b260389afd4cd47b78436fca0ae4b7112acd7200f5114bbc55c22d3fb02d71c01d1b248544713088cdb8fec4dd

  • SSDEEP

    384:eUEk5GPafpRwt1paJs2VVmWKcF8/NXvPAzz55ZR51WwyK/8GuPP:eC1sBa/ccF8/NX3AnzZR51WpKUGuX

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      2e7d15a5329ade0f17ab8224c3925d3a_JaffaCakes118

    • Size

      32KB

    • MD5

      2e7d15a5329ade0f17ab8224c3925d3a

    • SHA1

      4022beb5f1c2fa63a2d80cc9e55a369bc7175436

    • SHA256

      c4ae7e7bd0f94c4ff8892b14295ad2d74279e1082a03e1758231e79c94f16403

    • SHA512

      ce2340f9df04ab6f9df7766f41bbbb74fe27a9b260389afd4cd47b78436fca0ae4b7112acd7200f5114bbc55c22d3fb02d71c01d1b248544713088cdb8fec4dd

    • SSDEEP

      384:eUEk5GPafpRwt1paJs2VVmWKcF8/NXvPAzz55ZR51WwyK/8GuPP:eC1sBa/ccF8/NX3AnzZR51WpKUGuX

    Score
    8/10
    persistenceprivilege_escalation

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

      persistenceprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks