Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c192a4f018...18.exe

windows7-x64

10

c192a4f018...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c192a4f0185977cccb8028dea32eeb66_JaffaCakes118

  • Size

    156KB

  • Sample

    240825-zs574swenr

  • MD5

    c192a4f0185977cccb8028dea32eeb66

  • SHA1

    f47909e79090753c0288badf9d97f4def7aa6bc7

  • SHA256

    db7e28e076bb06ae8c7b0c8e2009f82806763727b4397d1df58d317b2bdc1a1c

  • SHA512

    ffebc71853ad25e87e71688eba34ecc9e6630ca8b7b840a6f39b1e84a692203b974b387217f2ef5ebbb9e84e0ec25980a18e6e738b6aefb7040d2ef1218e280d

  • SSDEEP

    3072:wUfZ72L2wmM39vJhjmRMKGOMztubDqrmhX1yjdLB4oQZiESD:VR22wmMtRfXZm1gpHW4

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      c192a4f0185977cccb8028dea32eeb66_JaffaCakes118

    • Size

      156KB

    • MD5

      c192a4f0185977cccb8028dea32eeb66

    • SHA1

      f47909e79090753c0288badf9d97f4def7aa6bc7

    • SHA256

      db7e28e076bb06ae8c7b0c8e2009f82806763727b4397d1df58d317b2bdc1a1c

    • SHA512

      ffebc71853ad25e87e71688eba34ecc9e6630ca8b7b840a6f39b1e84a692203b974b387217f2ef5ebbb9e84e0ec25980a18e6e738b6aefb7040d2ef1218e280d

    • SSDEEP

      3072:wUfZ72L2wmM39vJhjmRMKGOMztubDqrmhX1yjdLB4oQZiESD:VR22wmMtRfXZm1gpHW4

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks