Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

3ba796b629...18.exe

windows7-x64

10

3ba796b629...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ba796b6291f1af40fa7f7910cfe20e0_JaffaCakes118

  • Size

    232KB

  • Sample

    240712-cvzf1svcqq

  • MD5

    3ba796b6291f1af40fa7f7910cfe20e0

  • SHA1

    83138d469539d6f00f0a557f305e667a5a7d7cda

  • SHA256

    47b91428ab9a5ca4b6449b4fa2f67a750a2de1d924b2b0e85e30223f795bce32

  • SHA512

    18008259fc5868d0683c0ef9aff73f79df75544250ff1afe0ec4e0668fc5a1a8116bf727ba73fc73f4efe168991b256eb14c856ce3147e89857fbdf9de3e7ab1

  • SSDEEP

    6144:L3PFKs7dizxRJFBfWEqxF6snji81RUinK5qjbkxYubS3:7PhYTBXibkx9b6

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      3ba796b6291f1af40fa7f7910cfe20e0_JaffaCakes118

    • Size

      232KB

    • MD5

      3ba796b6291f1af40fa7f7910cfe20e0

    • SHA1

      83138d469539d6f00f0a557f305e667a5a7d7cda

    • SHA256

      47b91428ab9a5ca4b6449b4fa2f67a750a2de1d924b2b0e85e30223f795bce32

    • SHA512

      18008259fc5868d0683c0ef9aff73f79df75544250ff1afe0ec4e0668fc5a1a8116bf727ba73fc73f4efe168991b256eb14c856ce3147e89857fbdf9de3e7ab1

    • SSDEEP

      6144:L3PFKs7dizxRJFBfWEqxF6snji81RUinK5qjbkxYubS3:7PhYTBXibkx9b6

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks