Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

4118a88110...18.exe

windows7-x64

10

4118a88110...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4118a8811017c443c8a08e15bfa76e46_JaffaCakes118

  • Size

    96KB

  • Sample

    240713-lcb3favfpp

  • MD5

    4118a8811017c443c8a08e15bfa76e46

  • SHA1

    48f76f9eed9418feb5ee921f1313b4a271b6ccbb

  • SHA256

    948c803be70bc95345f3ce2dcdce4beab4c8fbc87b5cd2b3fe1336bfba91b9dc

  • SHA512

    083e0651e83e4892ec7871b4c13703b71ad6e4d5a719746c8d6edf7bd7ef7d12fe88d18327b09e6f6849800d33ff14959e51802795be89477915c810a8927998

  • SSDEEP

    1536:BsQBHpf6cO/h3lKkGulSc16l6u+NMMl/KlYv1Tq5ThFQNIjnZv:Bih3lflu8CFFQCnt

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      4118a8811017c443c8a08e15bfa76e46_JaffaCakes118

    • Size

      96KB

    • MD5

      4118a8811017c443c8a08e15bfa76e46

    • SHA1

      48f76f9eed9418feb5ee921f1313b4a271b6ccbb

    • SHA256

      948c803be70bc95345f3ce2dcdce4beab4c8fbc87b5cd2b3fe1336bfba91b9dc

    • SHA512

      083e0651e83e4892ec7871b4c13703b71ad6e4d5a719746c8d6edf7bd7ef7d12fe88d18327b09e6f6849800d33ff14959e51802795be89477915c810a8927998

    • SSDEEP

      1536:BsQBHpf6cO/h3lKkGulSc16l6u+NMMl/KlYv1Tq5ThFQNIjnZv:Bih3lflu8CFFQCnt

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks