edc3909319b8c68a4c7c5d2b1f09edf7071086a1bc6b7734129d5e28f694c2af | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2f01e472ee...18.exe

windows7-x64

7

2f01e472ee...18.exe

windows10-2004-x64

7

Sharing

General

Target

2f01e472eea6c00978e7656e02603bd0_JaffaCakes118
Size

56KB
Sample

240709-e64k8aweql
MD5

2f01e472eea6c00978e7656e02603bd0
SHA1

0c4d4263345ca631ab734a7326fa2eba6d61d366
SHA256

edc3909319b8c68a4c7c5d2b1f09edf7071086a1bc6b7734129d5e28f694c2af
SHA512

05a4547b051727b71efc387337fd0e5ce5eaf7b34b68153a4207a6e473af874e02aed488f7ab159be1bf0f7580b07e3c30c155df38c616d04f63c6353feac6be
SSDEEP

768:AtEZo9nSBRSxHZX0SgxzB6I0alAe4SiLpWi6fXRBAjDk38/jf:eH9SqB0/Aq5cl6TuYOjf

Score

7^/10

upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2f01e472eea6c00978e7656e02603bd0_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2f01e472eea6c00978e7656e02603bd0_JaffaCakes118.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2f01e472eea6c00978e7656e02603bd0_JaffaCakes118
- Size
  
  56KB
- MD5
  
  2f01e472eea6c00978e7656e02603bd0
- SHA1
  
  0c4d4263345ca631ab734a7326fa2eba6d61d366
- SHA256
  
  edc3909319b8c68a4c7c5d2b1f09edf7071086a1bc6b7734129d5e28f694c2af
- SHA512
  
  05a4547b051727b71efc387337fd0e5ce5eaf7b34b68153a4207a6e473af874e02aed488f7ab159be1bf0f7580b07e3c30c155df38c616d04f63c6353feac6be
- SSDEEP
  
  768:AtEZo9nSBRSxHZX0SgxzB6I0alAe4SiLpWi6fXRBAjDk38/jf:eH9SqB0/Aq5cl6TuYOjf
Score

7^/10

upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy