5f90b124f1209fa7871d1024d0f0f618cd131006a1ca1718c4a2bbb93ea1cf07 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

74d4a56cc1...18.exe

windows7-x64

74d4a56cc1...18.exe

windows10-2004-x64

Sharing

General

Target

74d4a56cc18a6e84c02706ba4884c00e_JaffaCakes118
Size

152KB
Sample

240726-tzhgqssgqf
MD5

74d4a56cc18a6e84c02706ba4884c00e
SHA1

f3c8300e5bb4913c61cabfe0f080278d46c61850
SHA256

5f90b124f1209fa7871d1024d0f0f618cd131006a1ca1718c4a2bbb93ea1cf07
SHA512

3b90c34cfdfdf7b3e8cc09bd0f96c361ba6d56f86d686cc7e396ea4f15805d02e3bd0111051964c577103029205ecfe769cefe3be483485cadcf8ee17dd56f04
SSDEEP

3072:3ckNHUjeZI2bKLrA4jk2SD1P3ASMog4pjTpVgsV5:pNSeW2bKL1aD1PPMoRjTpz5

Score

10^/10

discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

74d4a56cc18a6e84c02706ba4884c00e_JaffaCakes118.exe

Resource

win7-20240708-en

discovery evasion

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

74d4a56cc18a6e84c02706ba4884c00e_JaffaCakes118.exe

Resource

win10v2004-20240709-en

discovery evasion

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  74d4a56cc18a6e84c02706ba4884c00e_JaffaCakes118
- Size
  
  152KB
- MD5
  
  74d4a56cc18a6e84c02706ba4884c00e
- SHA1
  
  f3c8300e5bb4913c61cabfe0f080278d46c61850
- SHA256
  
  5f90b124f1209fa7871d1024d0f0f618cd131006a1ca1718c4a2bbb93ea1cf07
- SHA512
  
  3b90c34cfdfdf7b3e8cc09bd0f96c361ba6d56f86d686cc7e396ea4f15805d02e3bd0111051964c577103029205ecfe769cefe3be483485cadcf8ee17dd56f04
- SSDEEP
  
  3072:3ckNHUjeZI2bKLrA4jk2SD1P3ASMog4pjTpVgsV5:pNSeW2bKL1aD1PPMoRjTpz5
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy