Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

78045ffb11...18.exe

windows7-x64

10

78045ffb11...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    78045ffb11920b4d6e50a87a76701cf9_JaffaCakes118

  • Size

    44KB

  • Sample

    240727-neyqbsxamj

  • MD5

    78045ffb11920b4d6e50a87a76701cf9

  • SHA1

    5b548bba846e44892f83ff7bed03b5f279fc13c6

  • SHA256

    6b212523de4d981ee73509b71022c03735c602b3549a226759aa6d1d263a7912

  • SHA512

    c9a739fffb5f7dddba0ee2e34fb0d0b180cd0a286b8ba096f891564c0db4af6126d15c5ae54bcececa8488d513f5197cd5acefd3589ba8ce2fdf5ad1695ea9ec

  • SSDEEP

    768:WuuFTlp5vVRsVNpBr/tkolMXuFJzw49JP9tSqKY+jci2uGQW/pN:WuuFTONL/rOeFJTJqfMO8z

Score
10/10
discoverypersistence

Malware Config

Targets

    • Target

      78045ffb11920b4d6e50a87a76701cf9_JaffaCakes118

    • Size

      44KB

    • MD5

      78045ffb11920b4d6e50a87a76701cf9

    • SHA1

      5b548bba846e44892f83ff7bed03b5f279fc13c6

    • SHA256

      6b212523de4d981ee73509b71022c03735c602b3549a226759aa6d1d263a7912

    • SHA512

      c9a739fffb5f7dddba0ee2e34fb0d0b180cd0a286b8ba096f891564c0db4af6126d15c5ae54bcececa8488d513f5197cd5acefd3589ba8ce2fdf5ad1695ea9ec

    • SSDEEP

      768:WuuFTlp5vVRsVNpBr/tkolMXuFJzw49JP9tSqKY+jci2uGQW/pN:WuuFTONL/rOeFJTJqfMO8z

    Score
    10/10
    discoverypersistence

    • Modifies WinLogon for persistence

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks