67ccfb0369e7d8bb85a4bdeb1d89a1ef45061312ccc57edc81739edfe8a296c7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

474d4d3b2e...18.exe

windows7-x64

7

474d4d3b2e...18.exe

windows10-2004-x64

7

Sharing

General

Target

474d4d3b2ec4cb908c44ad17aff85805_JaffaCakes118
Size

296KB
Sample

240714-3r1g1szhnf
MD5

474d4d3b2ec4cb908c44ad17aff85805
SHA1

c036059376f20d5c243d9ca5fac5b99169eff001
SHA256

67ccfb0369e7d8bb85a4bdeb1d89a1ef45061312ccc57edc81739edfe8a296c7
SHA512

5be257d14608edb6540c931a175c0fff0aa2bca6c94a726914f585206912e5e2da406fb273b6065742edefc9b17467de2b0807913f3746fac3d6aef04b5d7bf1
SSDEEP

6144:A5GL86QqsaUFRzfeFJROZPUODVGvV8s76RYwRfPgFAtdDAf+O2:nLkqsaUFxfe63UN0RfUudsfy

Score

7^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

474d4d3b2ec4cb908c44ad17aff85805_JaffaCakes118.exe

Resource

win7-20240704-en

persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

474d4d3b2ec4cb908c44ad17aff85805_JaffaCakes118.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  474d4d3b2ec4cb908c44ad17aff85805_JaffaCakes118
- Size
  
  296KB
- MD5
  
  474d4d3b2ec4cb908c44ad17aff85805
- SHA1
  
  c036059376f20d5c243d9ca5fac5b99169eff001
- SHA256
  
  67ccfb0369e7d8bb85a4bdeb1d89a1ef45061312ccc57edc81739edfe8a296c7
- SHA512
  
  5be257d14608edb6540c931a175c0fff0aa2bca6c94a726914f585206912e5e2da406fb273b6065742edefc9b17467de2b0807913f3746fac3d6aef04b5d7bf1
- SSDEEP
  
  6144:A5GL86QqsaUFRzfeFJROZPUODVGvV8s76RYwRfPgFAtdDAf+O2:nLkqsaUFxfe63UN0RfUudsfy
Score

7^/10

persistence upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy