Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

84c1d9ab88...18.exe

windows7-x64

8

84c1d9ab88...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84c1d9ab88eada6c781adc75fc005a43_JaffaCakes118

  • Size

    297KB

  • Sample

    240810-er8xdsvgjp

  • MD5

    84c1d9ab88eada6c781adc75fc005a43

  • SHA1

    ce4cc06ef9f311d07824d818801024ceafaa6bcc

  • SHA256

    d73f3ef9ad0f44a10f919ba34504a647a92c311afe47bba86c1c4d19a17aa20a

  • SHA512

    d3960e3858c30f5700bdb2c002fbeba28b0be6bd9828e6587f546d85da0fe062dfae581c47e3c8f06160609fa3cc42846d70d591ad2cbc737b5ab1a36deeabd6

  • SSDEEP

    6144:ehSCviHFTq4IFI6FvHSodtKOfPMI5+ekXgbD4yP59s+m9xf5sp2KDuy:ejiTmHSYv3d+2/59s+m9x29Cy

Score
8/10
discoveryevasionpersistenceupx

Malware Config

Targets

    • Target

      84c1d9ab88eada6c781adc75fc005a43_JaffaCakes118

    • Size

      297KB

    • MD5

      84c1d9ab88eada6c781adc75fc005a43

    • SHA1

      ce4cc06ef9f311d07824d818801024ceafaa6bcc

    • SHA256

      d73f3ef9ad0f44a10f919ba34504a647a92c311afe47bba86c1c4d19a17aa20a

    • SHA512

      d3960e3858c30f5700bdb2c002fbeba28b0be6bd9828e6587f546d85da0fe062dfae581c47e3c8f06160609fa3cc42846d70d591ad2cbc737b5ab1a36deeabd6

    • SSDEEP

      6144:ehSCviHFTq4IFI6FvHSodtKOfPMI5+ekXgbD4yP59s+m9xf5sp2KDuy:ejiTmHSYv3d+2/59s+m9x29Cy

    Score
    8/10
    discoveryevasionpersistenceupx

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks