d53c7d5ea9bb8e44e0d4d06794e8870e6f588a2db0bf00aa409ae1a2d45b9438 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

bf1fed9c0a...18.exe

windows7-x64

bf1fed9c0a...18.exe

windows10-2004-x64

Sharing

General

Target

bf1fed9c0a93d5b8f5ee12275d97771a_JaffaCakes118
Size

49KB
Sample

240824-v8vdbstcjq
MD5

bf1fed9c0a93d5b8f5ee12275d97771a
SHA1

e8f73d679ae29e3125a622160820d0912065f0a2
SHA256

d53c7d5ea9bb8e44e0d4d06794e8870e6f588a2db0bf00aa409ae1a2d45b9438
SHA512

4b9ce2d3332294066bade7dc90d887928bf424a520bdbecbfab12513f640ebf0e3af5cdeaa81d66ff5940fd41d6cde895c60ca89b61f391c334e69e3209bab42
SSDEEP

768:7f9L5DuylOlZrcKOrQZ28lR0aHPNb/rIln:7t5DrkcPr2BlakFrIln

Score

10^/10

discovery evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bf1fed9c0a93d5b8f5ee12275d97771a_JaffaCakes118.exe

Resource

win7-20240704-en

discovery evasion upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

bf1fed9c0a93d5b8f5ee12275d97771a_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  bf1fed9c0a93d5b8f5ee12275d97771a_JaffaCakes118
- Size
  
  49KB
- MD5
  
  bf1fed9c0a93d5b8f5ee12275d97771a
- SHA1
  
  e8f73d679ae29e3125a622160820d0912065f0a2
- SHA256
  
  d53c7d5ea9bb8e44e0d4d06794e8870e6f588a2db0bf00aa409ae1a2d45b9438
- SHA512
  
  4b9ce2d3332294066bade7dc90d887928bf424a520bdbecbfab12513f640ebf0e3af5cdeaa81d66ff5940fd41d6cde895c60ca89b61f391c334e69e3209bab42
- SSDEEP
  
  768:7f9L5DuylOlZrcKOrQZ28lR0aHPNb/rIln:7t5DrkcPr2BlakFrIln
Score

10^/10

discovery evasion upx
- Modifies firewall policy service
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionupx

behavioral2

discoveryevasionupx

© 2018-2025

Terms | Privacy