Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

b8c3464ad1...18.exe

windows7-x64

10

b8c3464ad1...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b8c3464ad1b0b4a5633d02d573afc194_JaffaCakes118

  • Size

    204KB

  • Sample

    240822-xm2lmavfrn

  • MD5

    b8c3464ad1b0b4a5633d02d573afc194

  • SHA1

    b1dc50d02acfaef04ac3f040b4f9763ff8fdf55b

  • SHA256

    dc14d9e783272661f16ff972f9284eeed7d3481f496bc1975fb5cedf6547c241

  • SHA512

    87123d5ceb7bd4436bc0f14d92ed2e5155e74d0b0fd894c1aca38bf5db3db17e56de88015d8a3d8def586f8c1d17cf1124976cd37e0f3476a24c8dfc2e99b195

  • SSDEEP

    1536:8luL30zZ3NMsOfXu7Ke9TG4yMSmcUk6lCbQvmSTpJwuqCNQR6nkX5SADkPY+GdtR:oc30ZTTG4yMZc9pJSTp63Zc

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      b8c3464ad1b0b4a5633d02d573afc194_JaffaCakes118

    • Size

      204KB

    • MD5

      b8c3464ad1b0b4a5633d02d573afc194

    • SHA1

      b1dc50d02acfaef04ac3f040b4f9763ff8fdf55b

    • SHA256

      dc14d9e783272661f16ff972f9284eeed7d3481f496bc1975fb5cedf6547c241

    • SHA512

      87123d5ceb7bd4436bc0f14d92ed2e5155e74d0b0fd894c1aca38bf5db3db17e56de88015d8a3d8def586f8c1d17cf1124976cd37e0f3476a24c8dfc2e99b195

    • SSDEEP

      1536:8luL30zZ3NMsOfXu7Ke9TG4yMSmcUk6lCbQvmSTpJwuqCNQR6nkX5SADkPY+GdtR:oc30ZTTG4yMZc9pJSTp63Zc

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks