ac9c49345037928dbff133e3fffc52f4a6a090f7d4e02825549ed6df621ad074 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

3a5fcb6c65...18.exe

windows7-x64

7

3a5fcb6c65...18.exe

windows10-2004-x64

7

Sharing

General

Target

3a5fcb6c6500140fd2be9b603a5b25bf_JaffaCakes118
Size

60KB
Sample

240711-xpsrhasdpb
MD5

3a5fcb6c6500140fd2be9b603a5b25bf
SHA1

fd905798f5e0f4d9c3dcb74e7d595d93c4e21ddf
SHA256

ac9c49345037928dbff133e3fffc52f4a6a090f7d4e02825549ed6df621ad074
SHA512

21d0ccbc4080c0536d8f7b7f469f5181b6699cd4c19bcbb6f471ff1c034a17b8be345e28bd457959dae9928736a17e536124762b708b7df2e1f45616031b7200
SSDEEP

768:VWu3YUFlLUyNuDcg4yHCN+e/KYIEnIOX4fQGW8B0eaVAy+0ZEqhlNC+NPKwV9O+B:FldNuDXHC1iZExj8BLy/ZDhlw+sYQ+B

Score

7^/10

evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3a5fcb6c6500140fd2be9b603a5b25bf_JaffaCakes118.exe

Resource

win7-20240704-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

3a5fcb6c6500140fd2be9b603a5b25bf_JaffaCakes118.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  3a5fcb6c6500140fd2be9b603a5b25bf_JaffaCakes118
- Size
  
  60KB
- MD5
  
  3a5fcb6c6500140fd2be9b603a5b25bf
- SHA1
  
  fd905798f5e0f4d9c3dcb74e7d595d93c4e21ddf
- SHA256
  
  ac9c49345037928dbff133e3fffc52f4a6a090f7d4e02825549ed6df621ad074
- SHA512
  
  21d0ccbc4080c0536d8f7b7f469f5181b6699cd4c19bcbb6f471ff1c034a17b8be345e28bd457959dae9928736a17e536124762b708b7df2e1f45616031b7200
- SSDEEP
  
  768:VWu3YUFlLUyNuDcg4yHCN+e/KYIEnIOX4fQGW8B0eaVAy+0ZEqhlNC+NPKwV9O+B:FldNuDXHC1iZExj8BLy/ZDhlw+sYQ+B
Score

7^/10

evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy