27f10960594dc8b1c59001087b6027c19a583bea16ce4cac19efa71ed0b2e548 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

bf38333a12...18.exe

windows7-x64

7

bf38333a12...18.exe

windows10-2004-x64

7

Sharing

General

Target

bf38333a1243cf12ea3216cc2f07bd24_JaffaCakes118
Size

28KB
Sample

240824-xpws6awdqr
MD5

bf38333a1243cf12ea3216cc2f07bd24
SHA1

53c8653bc4cf317b3d8c1cdbd9aa6a65b8bdc308
SHA256

27f10960594dc8b1c59001087b6027c19a583bea16ce4cac19efa71ed0b2e548
SHA512

84ba45f4fefc3bc70cf470c11a93ddf1613df5aa1562bd808020b916c9ced96bcfd45a67ad78fcf7c986686586a1cc19e49ad44977d4ed06a229350248818c11
SSDEEP

768:SKH3OqDqRniZdPHeELIO3FrDyUxfha5G:SKXvGmdfeEsetOmP

Score

7^/10

aspackv2 discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

bf38333a1243cf12ea3216cc2f07bd24_JaffaCakes118.exe

Resource

win7-20240705-en

aspackv2 discovery

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

bf38333a1243cf12ea3216cc2f07bd24_JaffaCakes118.exe

Resource

win10v2004-20240802-en

aspackv2 discovery

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  bf38333a1243cf12ea3216cc2f07bd24_JaffaCakes118
- Size
  
  28KB
- MD5
  
  bf38333a1243cf12ea3216cc2f07bd24
- SHA1
  
  53c8653bc4cf317b3d8c1cdbd9aa6a65b8bdc308
- SHA256
  
  27f10960594dc8b1c59001087b6027c19a583bea16ce4cac19efa71ed0b2e548
- SHA512
  
  84ba45f4fefc3bc70cf470c11a93ddf1613df5aa1562bd808020b916c9ced96bcfd45a67ad78fcf7c986686586a1cc19e49ad44977d4ed06a229350248818c11
- SSDEEP
  
  768:SKH3OqDqRniZdPHeELIO3FrDyUxfha5G:SKXvGmdfeEsetOmP
Score

7^/10

aspackv2 discovery
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2discovery

behavioral2

aspackv2discovery

© 2018-2025

Terms | Privacy