1fdd880d4a794918cb92d57809158937434b684df72e85245411154920507c33 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

b694031249...18.exe

windows7-x64

7

b694031249...18.exe

windows10-2004-x64

7

Sharing

General

Target

b694031249dc4586f2fafe98e4826a96_JaffaCakes118
Size

1.0MB
Sample

240822-gl5nwsvepj
MD5

b694031249dc4586f2fafe98e4826a96
SHA1

bd963a178fff7f2c5d88154832b87e4f581d013a
SHA256

1fdd880d4a794918cb92d57809158937434b684df72e85245411154920507c33
SHA512

136a3d579b79bbed03b96fdd6aca26e2626b220b1befa16f6ba6ba1d2f1b393774bd94dcdeb2d4649acb14eed1abaa46ee31fd2ba70202d7d14b573b8ff886e6
SSDEEP

24576:AbfU+dsaEISnqlYBIlNsoH6ctU1fFnJZ+rzpD2:9ElEISuYu6oH6XR3eti

Score

7^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

b694031249dc4586f2fafe98e4826a96_JaffaCakes118.exe

Resource

win7-20240705-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

b694031249dc4586f2fafe98e4826a96_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  b694031249dc4586f2fafe98e4826a96_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  b694031249dc4586f2fafe98e4826a96
- SHA1
  
  bd963a178fff7f2c5d88154832b87e4f581d013a
- SHA256
  
  1fdd880d4a794918cb92d57809158937434b684df72e85245411154920507c33
- SHA512
  
  136a3d579b79bbed03b96fdd6aca26e2626b220b1befa16f6ba6ba1d2f1b393774bd94dcdeb2d4649acb14eed1abaa46ee31fd2ba70202d7d14b573b8ff886e6
- SSDEEP
  
  24576:AbfU+dsaEISnqlYBIlNsoH6ctU1fFnJZ+rzpD2:9ElEISuYu6oH6XR3eti
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy