Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8ebe91c35c...18.exe

windows7-x64

7

8ebe91c35c...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ebe91c35cef43c0c54e02fe2029972a_JaffaCakes118

  • Size

    160KB

  • Sample

    240812-pmlams1crq

  • MD5

    8ebe91c35cef43c0c54e02fe2029972a

  • SHA1

    4327bcd62bcc7eed8db3565cd17fb21b2e6548df

  • SHA256

    1a87da4a149ce9ab69b67000e6855182f4f1eede9864bad925eab6a85d13ff1e

  • SHA512

    840f05a1d6ea611f538bc4dec7450b694793d0809ebe19f1affe1f78ca354f09bf97bd2e01a54aa1f0b0343f90a76c67fdf85e6a2d26c9709e9cab713851b5fe

  • SSDEEP

    1536:aygV/7HPS70fbFkFRPxF6wDLJKIKgyg9bWGsXI4EshcEq:aygtjPO0BYnfLJKIKgyg9YFHxq

Score
7/10
defense_evasiondiscovery

Malware Config

Targets

    • Target

      8ebe91c35cef43c0c54e02fe2029972a_JaffaCakes118

    • Size

      160KB

    • MD5

      8ebe91c35cef43c0c54e02fe2029972a

    • SHA1

      4327bcd62bcc7eed8db3565cd17fb21b2e6548df

    • SHA256

      1a87da4a149ce9ab69b67000e6855182f4f1eede9864bad925eab6a85d13ff1e

    • SHA512

      840f05a1d6ea611f538bc4dec7450b694793d0809ebe19f1affe1f78ca354f09bf97bd2e01a54aa1f0b0343f90a76c67fdf85e6a2d26c9709e9cab713851b5fe

    • SSDEEP

      1536:aygV/7HPS70fbFkFRPxF6wDLJKIKgyg9bWGsXI4EshcEq:aygtjPO0BYnfLJKIKgyg9YFHxq

    Score
    7/10
    defense_evasiondiscovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks