f8c310aef153bfd526af37f1dd3cb969c706e9ce080d5407499d819dbdc160b2 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

b0ace06ed2...18.dll

windows7-x64

b0ace06ed2...18.dll

windows10-2004-x64

Sharing

General

Target

b0ace06ed2168781136f13fac6bb1037_JaffaCakes118
Size

163KB
Sample

240820-y18grs1erh
MD5

b0ace06ed2168781136f13fac6bb1037
SHA1

aa161b8793ff86266ca861d124f5e8a3db58c7dc
SHA256

f8c310aef153bfd526af37f1dd3cb969c706e9ce080d5407499d819dbdc160b2
SHA512

535e645485b42fa92b1685b0ce5c0af9a8b3df0f96e8c15d64a8f7c41c2d2de8313b6303d10bc8947d2d8f2ce2519acb030accf73557d638ef1f9ad513fd5bd3
SSDEEP

3072:QO/Bm39HTWPLEkapd/nfO09q8M1iqcO3zyZSKHXBX9ARlGSS84sX1NZ26gIFSWt8:Z/c9zWIfpd/nm09q71iqcO32w8p6Rl1w

Score

10^/10

discovery evasion upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

b0ace06ed2168781136f13fac6bb1037_JaffaCakes118.dll

Resource

win7-20240705-en

discovery evasion upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0ace06ed2168781136f13fac6bb1037_JaffaCakes118.dll

Resource

win10v2004-20240802-en

discovery evasion upx

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  b0ace06ed2168781136f13fac6bb1037_JaffaCakes118
- Size
  
  163KB
- MD5
  
  b0ace06ed2168781136f13fac6bb1037
- SHA1
  
  aa161b8793ff86266ca861d124f5e8a3db58c7dc
- SHA256
  
  f8c310aef153bfd526af37f1dd3cb969c706e9ce080d5407499d819dbdc160b2
- SHA512
  
  535e645485b42fa92b1685b0ce5c0af9a8b3df0f96e8c15d64a8f7c41c2d2de8313b6303d10bc8947d2d8f2ce2519acb030accf73557d638ef1f9ad513fd5bd3
- SSDEEP
  
  3072:QO/Bm39HTWPLEkapd/nfO09q8M1iqcO3zyZSKHXBX9ARlGSS84sX1NZ26gIFSWt8:Z/c9zWIfpd/nm09q71iqcO32w8p6Rl1w
Score

10^/10

discovery evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies visiblity of hidden/system files in Explorer
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionupx

behavioral2

discoveryevasionupx

© 2018-2025

Terms | Privacy