Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

2ec1a494ca...18.exe

windows7-x64

8

2ec1a494ca...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ec1a494ca2a2b7c439569e6658e2f45_JaffaCakes118

  • Size

    377KB

  • Sample

    240709-depgjsvfkc

  • MD5

    2ec1a494ca2a2b7c439569e6658e2f45

  • SHA1

    a76e8784f250db262f23af4950828a963b300cd9

  • SHA256

    66b723e4037dae30a4fc387207b5e411466db71a6cb8c19d8499157ee8b4f76e

  • SHA512

    24a39ef195c4e22a62b9589d106bbb35cf16fe2666994586f02f59edbddec964de4cc160a3ed0f8f549da11ab16d5e5494d7c20c0b7109ce8a0585abe9c323d1

  • SSDEEP

    6144:6kSAIWHYXqq+vxiCrrZxSlj0KwQWJxXs5MWeKXf10w1X8f5x10TK1+cRMXYrXg1W:eATHYZyxZrZSjFwf3s/Xf2wG0zVXIA/e

Score
8/10
persistenceprivilege_escalation

Malware Config

Targets

    • Target

      2ec1a494ca2a2b7c439569e6658e2f45_JaffaCakes118

    • Size

      377KB

    • MD5

      2ec1a494ca2a2b7c439569e6658e2f45

    • SHA1

      a76e8784f250db262f23af4950828a963b300cd9

    • SHA256

      66b723e4037dae30a4fc387207b5e411466db71a6cb8c19d8499157ee8b4f76e

    • SHA512

      24a39ef195c4e22a62b9589d106bbb35cf16fe2666994586f02f59edbddec964de4cc160a3ed0f8f549da11ab16d5e5494d7c20c0b7109ce8a0585abe9c323d1

    • SSDEEP

      6144:6kSAIWHYXqq+vxiCrrZxSlj0KwQWJxXs5MWeKXf10w1X8f5x10TK1+cRMXYrXg1W:eATHYZyxZrZSjFwf3s/Xf2wG0zVXIA/e

    Score
    8/10
    persistenceprivilege_escalation

    • Adds policy Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks