Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

772952cfac...18.exe

windows7-x64

7

772952cfac...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    772952cfacf381892590ce0ccc4bb384_JaffaCakes118

  • Size

    65KB

  • Sample

    240727-gcxlxssgqd

  • MD5

    772952cfacf381892590ce0ccc4bb384

  • SHA1

    734e0306c531e9ffbf22b60e7c744e04f65fa79f

  • SHA256

    0b36f9990b83338a823f030e12fcd9a866a2cfcb434150d3e59c708a80a88102

  • SHA512

    1bc8e5145a9c5fde67c5df7289b32fee5720b5af7007c3fd5c3287c74c4754812552c2b6cef2ce77582233b8a8a2312975acc5c7687b0694cdec528456912d21

  • SSDEEP

    768:gqipbWxcGn+dNHyIztJT2W/V4EaRS8ZGMhpyNKnoBXzHpBRjG8CkFMRKVytHmDbX:6ScCqrztJi2icNKnoBX7RylHmH

Score
7/10
defense_evasiondiscovery

Malware Config

Targets

    • Target

      772952cfacf381892590ce0ccc4bb384_JaffaCakes118

    • Size

      65KB

    • MD5

      772952cfacf381892590ce0ccc4bb384

    • SHA1

      734e0306c531e9ffbf22b60e7c744e04f65fa79f

    • SHA256

      0b36f9990b83338a823f030e12fcd9a866a2cfcb434150d3e59c708a80a88102

    • SHA512

      1bc8e5145a9c5fde67c5df7289b32fee5720b5af7007c3fd5c3287c74c4754812552c2b6cef2ce77582233b8a8a2312975acc5c7687b0694cdec528456912d21

    • SSDEEP

      768:gqipbWxcGn+dNHyIztJT2W/V4EaRS8ZGMhpyNKnoBXzHpBRjG8CkFMRKVytHmDbX:6ScCqrztJi2icNKnoBX7RylHmH

    Score
    7/10
    defense_evasiondiscovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks