cf34176e512d994fe4b8ff5b45f8425dc480b20c876f00ee398d9b24f5061dd0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

95a5b0563f...18.exe

windows7-x64

6

95a5b0563f...18.exe

windows10-2004-x64

6

Sharing

General

Target

95a5b0563f70c61af4b019e3b25cc330_JaffaCakes118
Size

224KB
Sample

240814-l5yf5s1drj
MD5

95a5b0563f70c61af4b019e3b25cc330
SHA1

f2784dd20923061ae3603646e19b477bf1d867a0
SHA256

cf34176e512d994fe4b8ff5b45f8425dc480b20c876f00ee398d9b24f5061dd0
SHA512

8f41e5ea44dc5a6113514e7b115a685222f35f5a9a063eb53637eeb9c29847a50ace80ae2d9e5055508f54bd32b0ad8412127e601099c0fc2f5748d6bc1843e1
SSDEEP

6144:MpI3IZIlITl+Cr8qjJQdjjezuwjjjjjjjjjjjjjjjjjjsaLmjjjjjjjjjjjjjjjc:Mrl+Nh

Score

6^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

95a5b0563f70c61af4b019e3b25cc330_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

95a5b0563f70c61af4b019e3b25cc330_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  95a5b0563f70c61af4b019e3b25cc330_JaffaCakes118
- Size
  
  224KB
- MD5
  
  95a5b0563f70c61af4b019e3b25cc330
- SHA1
  
  f2784dd20923061ae3603646e19b477bf1d867a0
- SHA256
  
  cf34176e512d994fe4b8ff5b45f8425dc480b20c876f00ee398d9b24f5061dd0
- SHA512
  
  8f41e5ea44dc5a6113514e7b115a685222f35f5a9a063eb53637eeb9c29847a50ace80ae2d9e5055508f54bd32b0ad8412127e601099c0fc2f5748d6bc1843e1
- SSDEEP
  
  6144:MpI3IZIlITl+Cr8qjJQdjjezuwjjjjjjjjjjjjjjjjjjsaLmjjjjjjjjjjjjjjjc:Mrl+Nh
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy