28d2b0173a0b9a8ccc73c0f40ae4be37fd8272432818cc6820462cdff038d584 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

8c2c226f58...18.exe

windows7-x64

7

8c2c226f58...18.exe

windows10-2004-x64

7

$PLUGINSDIR/calc.exe

windows7-x64

7

$PLUGINSDIR/calc.exe

windows10-2004-x64

7

Sharing

General

Target

8c2c226f58e88601b34d59c8ebd4c987_JaffaCakes118
Size

1.4MB
Sample

240811-13qqvavfpe
MD5

8c2c226f58e88601b34d59c8ebd4c987
SHA1

69db26ce456559c565103fb362b72bec4409934a
SHA256

28d2b0173a0b9a8ccc73c0f40ae4be37fd8272432818cc6820462cdff038d584
SHA512

f1686c0caa042ef5c9ac0b685b5037ea1368c29bbfacd6135eda5c02a3ef7c989919ec538c92e12fee0a8ddc1f082ed314267d4ca642bc767787bb57a3e9c32d
SSDEEP

24576:1qyk+aDRGujRURnI9krKmsXKSzEnMG9iN8MQCUT9Kkn7/jLztCS6FExvZK8fRcbU:1qyk+aDRiEmsQnMG0N8MZs3nvQFExBiA

Score

7^/10

aspackv2 discovery upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

8c2c226f58e88601b34d59c8ebd4c987_JaffaCakes118.exe

Resource

win7-20240729-en

aspackv2 discovery upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

8c2c226f58e88601b34d59c8ebd4c987_JaffaCakes118.exe

Resource

win10v2004-20240802-en

aspackv2 discovery upx

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/calc.exe

Resource

win7-20240708-en

aspackv2 discovery upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/calc.exe

Resource

win10v2004-20240802-en

aspackv2 discovery upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  8c2c226f58e88601b34d59c8ebd4c987_JaffaCakes118
- Size
  
  1.4MB
- MD5
  
  8c2c226f58e88601b34d59c8ebd4c987
- SHA1
  
  69db26ce456559c565103fb362b72bec4409934a
- SHA256
  
  28d2b0173a0b9a8ccc73c0f40ae4be37fd8272432818cc6820462cdff038d584
- SHA512
  
  f1686c0caa042ef5c9ac0b685b5037ea1368c29bbfacd6135eda5c02a3ef7c989919ec538c92e12fee0a8ddc1f082ed314267d4ca642bc767787bb57a3e9c32d
- SSDEEP
  
  24576:1qyk+aDRGujRURnI9krKmsXKSzEnMG9iN8MQCUT9Kkn7/jLztCS6FExvZK8fRcbU:1qyk+aDRiEmsQnMG0N8MZs3nvQFExBiA
Score

7^/10

aspackv2 discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/calc.exe
- Size
  
  1.3MB
- MD5
  
  97e47588a35219417f64ee2184e99118
- SHA1
  
  37d77f2594d3a5e81f4aebe0efdc24506b17f542
- SHA256
  
  fd20d30fb61ae75dfb715837d811250b2dcce0fc40b2bd3af6533dac50860513
- SHA512
  
  39c550d772940d06be3dfdd27ae051a895a2e9887a837131b21ac9470f5e9fb929e8c29d4338cdd8b5406c42973d84546312ac3767c28006a1b77192937bfa1a
- SSDEEP
  
  24576:3k+aDRGujRURnI9krKmsXKSzEnMG9iN8MQCUT9Kkn7/jLztCS6FExvZK8fRcbKJK:3k+aDRiEmsQnMG0N8MZs3nvQFExBibiK
Score

7^/10

aspackv2 discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discoveryupx

behavioral2

aspackv2discoveryupx

behavioral3

aspackv2discoveryupx

behavioral4

aspackv2discoveryupx

© 2018-2025

Terms | Privacy