Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

a2124e3bd8...18.exe

windows7-x64

6

a2124e3bd8...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a2124e3bd8be252fd6eb28b6c63a8ca8_JaffaCakes118

  • Size

    45KB

  • Sample

    240817-ltlm7sselk

  • MD5

    a2124e3bd8be252fd6eb28b6c63a8ca8

  • SHA1

    685eb27a708bdd96f496c36757354a7253cb33f5

  • SHA256

    de146bcdd9c4654ed46720326582ec46ec34f37bfcb422af9b726a6ffe533f19

  • SHA512

    4fe6ef741d424f56c521a3eb43abd0333af400d7e7ba99e6504e6afcac2ef5f355bad5e4bd8e13b6a382a1b49b29af655f4653f3ee3af8405bc720624e590d58

  • SSDEEP

    768:3urE8TCXx4KvmWaZG/sRtn1Fqd+gbor/3pNzpgZ76iaeMNmOne4Nw6eEVzTnr:+w4z8nk1Y+fr/51CQihBOewLeYzTnr

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      a2124e3bd8be252fd6eb28b6c63a8ca8_JaffaCakes118

    • Size

      45KB

    • MD5

      a2124e3bd8be252fd6eb28b6c63a8ca8

    • SHA1

      685eb27a708bdd96f496c36757354a7253cb33f5

    • SHA256

      de146bcdd9c4654ed46720326582ec46ec34f37bfcb422af9b726a6ffe533f19

    • SHA512

      4fe6ef741d424f56c521a3eb43abd0333af400d7e7ba99e6504e6afcac2ef5f355bad5e4bd8e13b6a382a1b49b29af655f4653f3ee3af8405bc720624e590d58

    • SSDEEP

      768:3urE8TCXx4KvmWaZG/sRtn1Fqd+gbor/3pNzpgZ76iaeMNmOne4Nw6eEVzTnr:+w4z8nk1Y+fr/51CQihBOewLeYzTnr

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks