Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

5bb1b51f49...18.exe

windows7-x64

10

5bb1b51f49...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5bb1b51f497b8ab025bdb4d0305d177d_JaffaCakes118

  • Size

    156KB

  • Sample

    240719-nawp6s1fnh

  • MD5

    5bb1b51f497b8ab025bdb4d0305d177d

  • SHA1

    cbb6d975e6c5c2513e04eb3b249b24043a101927

  • SHA256

    c4b32f6fc9b8f78d79b00cd40efada235d08ff7077fb4a183c11772b5daf36b9

  • SHA512

    683a884ea95df5ad43a09cf786cfbe0c86e24843fb60a64370e329e1ca7325a6d7e4e31c6d6a2ef08c0ceb08572d284a2705f3c8f060e0fd82e0764e25504f33

  • SSDEEP

    3072:xANPhL3YsZtSxch3Z1C5GbWyleXkbxy6cg48Af4oQZiEh3:+PhcsZ5b1OGbU0NByhWL

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      5bb1b51f497b8ab025bdb4d0305d177d_JaffaCakes118

    • Size

      156KB

    • MD5

      5bb1b51f497b8ab025bdb4d0305d177d

    • SHA1

      cbb6d975e6c5c2513e04eb3b249b24043a101927

    • SHA256

      c4b32f6fc9b8f78d79b00cd40efada235d08ff7077fb4a183c11772b5daf36b9

    • SHA512

      683a884ea95df5ad43a09cf786cfbe0c86e24843fb60a64370e329e1ca7325a6d7e4e31c6d6a2ef08c0ceb08572d284a2705f3c8f060e0fd82e0764e25504f33

    • SSDEEP

      3072:xANPhL3YsZtSxch3Z1C5GbWyleXkbxy6cg48Af4oQZiEh3:+PhcsZ5b1OGbU0NByhWL

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks