Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

34eafdb20d...18.exe

windows7-x64

10

34eafdb20d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34eafdb20d8406f298cd78f87f28f995_JaffaCakes118

  • Size

    136KB

  • Sample

    240710-qrlmms1alk

  • MD5

    34eafdb20d8406f298cd78f87f28f995

  • SHA1

    cca1fc91b35a0e3da2d4b591d28f3a9c6da18669

  • SHA256

    15f47f754fee0099dffea1a0dc5223efbdd7034ed3b1cb9c6c8be9100b629339

  • SHA512

    6473e33f39c6ffd6865665d5cbdb3c218a2cd41b2185e87d9e113922347deb7f030f33a1e9b3ee2f0bd8acf949161d008c5ce45ab89c45bd0012d1a87d70d312

  • SSDEEP

    3072:BmOI6wjBfQn7WbIqH0ybZBiOllyEmcP82+aVdOt66VGegmT:BmRRQn7WbIqH0ybZBiOllyE5D+aVkjse

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      34eafdb20d8406f298cd78f87f28f995_JaffaCakes118

    • Size

      136KB

    • MD5

      34eafdb20d8406f298cd78f87f28f995

    • SHA1

      cca1fc91b35a0e3da2d4b591d28f3a9c6da18669

    • SHA256

      15f47f754fee0099dffea1a0dc5223efbdd7034ed3b1cb9c6c8be9100b629339

    • SHA512

      6473e33f39c6ffd6865665d5cbdb3c218a2cd41b2185e87d9e113922347deb7f030f33a1e9b3ee2f0bd8acf949161d008c5ce45ab89c45bd0012d1a87d70d312

    • SSDEEP

      3072:BmOI6wjBfQn7WbIqH0ybZBiOllyEmcP82+aVdOt66VGegmT:BmRRQn7WbIqH0ybZBiOllyE5D+aVkjse

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks