b37a0b747f777e7df49b7f3a6cf8b9c3f80bd8cc2dfdd4c7a43053d1fcf3d92b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

8a62984c8a...18.exe

windows7-x64

8

8a62984c8a...18.exe

windows10-2004-x64

8

Sharing

General

Target

8a62984c8a390c0478c389b356e08cb5_JaffaCakes118
Size

320KB
Sample

240811-ptmr2szcln
MD5

8a62984c8a390c0478c389b356e08cb5
SHA1

e4b3a43f3b8002f23a4820af6d926c703a893d43
SHA256

b37a0b747f777e7df49b7f3a6cf8b9c3f80bd8cc2dfdd4c7a43053d1fcf3d92b
SHA512

aad9249a7ef3e141ffc261ad11400ddd366b78cd1d1cf9e2d75c6fe5f46b0aec73591f2bce812446b8de5a6262205cbfa4d63876f300d6bfaed123efae62f379
SSDEEP

6144:7q6wzl1GCMsgICZnYNEwK/nzoJIGyxFNirwWSP/VlFK:7fwLG7jlfDNirwWS3FK

Score

8^/10

discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8a62984c8a390c0478c389b356e08cb5_JaffaCakes118.exe

Resource

win7-20240704-en

discovery evasion

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

8a62984c8a390c0478c389b356e08cb5_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  8a62984c8a390c0478c389b356e08cb5_JaffaCakes118
- Size
  
  320KB
- MD5
  
  8a62984c8a390c0478c389b356e08cb5
- SHA1
  
  e4b3a43f3b8002f23a4820af6d926c703a893d43
- SHA256
  
  b37a0b747f777e7df49b7f3a6cf8b9c3f80bd8cc2dfdd4c7a43053d1fcf3d92b
- SHA512
  
  aad9249a7ef3e141ffc261ad11400ddd366b78cd1d1cf9e2d75c6fe5f46b0aec73591f2bce812446b8de5a6262205cbfa4d63876f300d6bfaed123efae62f379
- SSDEEP
  
  6144:7q6wzl1GCMsgICZnYNEwK/nzoJIGyxFNirwWSP/VlFK:7fwLG7jlfDNirwWS3FK
Score

8^/10

discovery evasion
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy