Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

a77ca5793b...18.exe

windows7-x64

7

a77ca5793b...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a77ca5793b0e5f4a28ea576cf988b5c8_JaffaCakes118

  • Size

    89KB

  • Sample

    240818-vja86axcpl

  • MD5

    a77ca5793b0e5f4a28ea576cf988b5c8

  • SHA1

    81f7599be4e590386de12b4366716433bf10a017

  • SHA256

    5c302e8ae763e0d918978dacc3031dc4c4425757dd1bfed53f6b776e9b9003ee

  • SHA512

    d5bad9f53fd913afb44d4cad0888b4a71417f81924b8694eb6be7e2394889858e583ee2c193c7d2e1c3d94370c08cb4f6781569c9a1e9d8d3577f4d100e23e8f

  • SSDEEP

    1536:L8dOoemFFLr/5P8MdiEWzHc/toONCoCinYQ13gLspuIJK/k1lJSU5xfO3:6PemFN5GEeH2qAcinYQJgLAK/2F5xW3

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      a77ca5793b0e5f4a28ea576cf988b5c8_JaffaCakes118

    • Size

      89KB

    • MD5

      a77ca5793b0e5f4a28ea576cf988b5c8

    • SHA1

      81f7599be4e590386de12b4366716433bf10a017

    • SHA256

      5c302e8ae763e0d918978dacc3031dc4c4425757dd1bfed53f6b776e9b9003ee

    • SHA512

      d5bad9f53fd913afb44d4cad0888b4a71417f81924b8694eb6be7e2394889858e583ee2c193c7d2e1c3d94370c08cb4f6781569c9a1e9d8d3577f4d100e23e8f

    • SSDEEP

      1536:L8dOoemFFLr/5P8MdiEWzHc/toONCoCinYQ13gLspuIJK/k1lJSU5xfO3:6PemFN5GEeH2qAcinYQJgLAK/2F5xW3

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks