Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

69e1bc8e06...18.exe

windows7-x64

7

69e1bc8e06...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    69e1bc8e067ca7e458293b2b5b09a270_JaffaCakes118

  • Size

    164KB

  • Sample

    240724-cnkpaasemn

  • MD5

    69e1bc8e067ca7e458293b2b5b09a270

  • SHA1

    f8ffb801379e93d461e8e0fb890123d5e3c013a9

  • SHA256

    b4eef6c6f233bab9712da76f56d4989215e2e8684de51f620347055509855050

  • SHA512

    4a09a103568a1bd99e69423df1cc52a41698f6be83744e4018ff5b29d8a215bb675fbaf6a470f685d83790a50c9c8c5b0913bbef76a5a647ca8fadad41b13138

  • SSDEEP

    3072:HIbffGFtmYuCDo6Dx0dsM3QpOCSOHXvLW0UQB3WNQEv3u:oAtU61Ks2QYRO3zWPI3Q3

Score
7/10
discoveryupx

Malware Config

Targets

    • Target

      69e1bc8e067ca7e458293b2b5b09a270_JaffaCakes118

    • Size

      164KB

    • MD5

      69e1bc8e067ca7e458293b2b5b09a270

    • SHA1

      f8ffb801379e93d461e8e0fb890123d5e3c013a9

    • SHA256

      b4eef6c6f233bab9712da76f56d4989215e2e8684de51f620347055509855050

    • SHA512

      4a09a103568a1bd99e69423df1cc52a41698f6be83744e4018ff5b29d8a215bb675fbaf6a470f685d83790a50c9c8c5b0913bbef76a5a647ca8fadad41b13138

    • SSDEEP

      3072:HIbffGFtmYuCDo6Dx0dsM3QpOCSOHXvLW0UQB3WNQEv3u:oAtU61Ks2QYRO3zWPI3Q3

    Score
    7/10
    discoveryupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks