16ac200407b4b2012c7e80ea57dfd15b254f7cfabf7499ee6405b215dfd780dc | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

3d4d90672a...18.exe

windows7-x64

8

3d4d90672a...18.exe

windows10-2004-x64

8

Sharing

General

Target

3d4d90672a3439a7130869841a30d3f1_JaffaCakes118
Size

457KB
Sample

240712-n7vt5sseqp
MD5

3d4d90672a3439a7130869841a30d3f1
SHA1

1237a90c9bd395370f5f2fd3385c9b4fb03cb4a5
SHA256

16ac200407b4b2012c7e80ea57dfd15b254f7cfabf7499ee6405b215dfd780dc
SHA512

b20cbbd845873cd307de70bba10dadf7ab24e8857d8c175280cb637ce72629c288a0cd6458697fae15c7f4e00425d147ad3533ceeae8171126ace2d1bfd0fed9
SSDEEP

6144:t515R5b515R5b5R5b51515R5b515R5b51515R5b52:a

Score

8^/10

upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3d4d90672a3439a7130869841a30d3f1_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d4d90672a3439a7130869841a30d3f1_JaffaCakes118.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  3d4d90672a3439a7130869841a30d3f1_JaffaCakes118
- Size
  
  457KB
- MD5
  
  3d4d90672a3439a7130869841a30d3f1
- SHA1
  
  1237a90c9bd395370f5f2fd3385c9b4fb03cb4a5
- SHA256
  
  16ac200407b4b2012c7e80ea57dfd15b254f7cfabf7499ee6405b215dfd780dc
- SHA512
  
  b20cbbd845873cd307de70bba10dadf7ab24e8857d8c175280cb637ce72629c288a0cd6458697fae15c7f4e00425d147ad3533ceeae8171126ace2d1bfd0fed9
- SSDEEP
  
  6144:t515R5b515R5b5R5b51515R5b515R5b51515R5b52:a
Score

8^/10

upx
- Drops file in Drivers directory
- Manipulates Digital Signatures
  Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy