Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

83c72e1dee...18.exe

windows7-x64

10

83c72e1dee...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    83c72e1dee9d70e1427c50d15bb1939d_JaffaCakes118

  • Size

    148KB

  • Sample

    240809-2af7daweme

  • MD5

    83c72e1dee9d70e1427c50d15bb1939d

  • SHA1

    09b11b40974fdc701962751635de6875bd2ba1c4

  • SHA256

    774e5776afdf98dc1d11bbbdc264d6023daee59f7ab93dfbc918a96315c98106

  • SHA512

    747977157b122219c3ea1c20c78696bcec94911fce29fd8f23e3d87a33fde73ecb9ab8dcd105d47f84ae60312071a8dab950cbe03f464d51f5b73fdf0c0d5f5d

  • SSDEEP

    3072:DiFHQh4mRpDGq7At/yRWr2wA36nbMUq8hFOdhIhJE5j4oQfv:uFwh96F90Wf7nJPwdhdU

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      83c72e1dee9d70e1427c50d15bb1939d_JaffaCakes118

    • Size

      148KB

    • MD5

      83c72e1dee9d70e1427c50d15bb1939d

    • SHA1

      09b11b40974fdc701962751635de6875bd2ba1c4

    • SHA256

      774e5776afdf98dc1d11bbbdc264d6023daee59f7ab93dfbc918a96315c98106

    • SHA512

      747977157b122219c3ea1c20c78696bcec94911fce29fd8f23e3d87a33fde73ecb9ab8dcd105d47f84ae60312071a8dab950cbe03f464d51f5b73fdf0c0d5f5d

    • SSDEEP

      3072:DiFHQh4mRpDGq7At/yRWr2wA36nbMUq8hFOdhIhJE5j4oQfv:uFwh96F90Wf7nJPwdhdU

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks