Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

89443f440d...18.exe

windows7-x64

8

89443f440d...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    89443f440d1ad224dc477da385537228_JaffaCakes118

  • Size

    455KB

  • Sample

    240811-gqxtvasamc

  • MD5

    89443f440d1ad224dc477da385537228

  • SHA1

    3b04e1d02a3d563f95db27091f0357eaf93121f2

  • SHA256

    16912916e639bbf566bedc9041a72cea4865c16eb0adbc289e635a0e4ede20e8

  • SHA512

    fae1e6c86eca30840e5d3574c4a90debab6054316abd7cf686407a5a7a8553cb7ed347cee13bb72c832e5ecba541119afe23d0f32b60b7e83b6c9099affa9e36

  • SSDEEP

    12288:+oUy2e41WHTg2AVqz91BbFlgzJnBhl11UMMnMMMMM:+oT419hVqhDbFyJnBhlPUMMnMMMMM

Score
8/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      89443f440d1ad224dc477da385537228_JaffaCakes118

    • Size

      455KB

    • MD5

      89443f440d1ad224dc477da385537228

    • SHA1

      3b04e1d02a3d563f95db27091f0357eaf93121f2

    • SHA256

      16912916e639bbf566bedc9041a72cea4865c16eb0adbc289e635a0e4ede20e8

    • SHA512

      fae1e6c86eca30840e5d3574c4a90debab6054316abd7cf686407a5a7a8553cb7ed347cee13bb72c832e5ecba541119afe23d0f32b60b7e83b6c9099affa9e36

    • SSDEEP

      12288:+oUy2e41WHTg2AVqz91BbFlgzJnBhl11UMMnMMMMM:+oT419hVqhDbFyJnBhlPUMMnMMMMM

    Score
    8/10
    discoveryevasionpersistence

    • Disables Task Manager via registry modification

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks