Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c28b27aceb...18.exe

windows7-x64

10

c28b27aceb...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c28b27acebd13ab577bd011e0befd51a_JaffaCakes118

  • Size

    384KB

  • Sample

    240826-jdylqatflp

  • MD5

    c28b27acebd13ab577bd011e0befd51a

  • SHA1

    45a73cce655054d3e455a99fb23e57ef2ee2cd5b

  • SHA256

    e6d647a64e3182c6acf6838871d097dc38e51939f271adef8c9bf76c4577b4fe

  • SHA512

    53fb67ba9825db3947c424264f89dc7018c9f880360ed8d64e711c5f2f936708c7be9a5a40697e6431845fcd22c2700fcc1ddaf33c9ad98b765f473abf3fd7f2

  • SSDEEP

    6144:8Bt0Rv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808OhT:JR5GdCs0O1BkBqwtjFc0fTjZOT59ozIT

Score
10/10
discoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      c28b27acebd13ab577bd011e0befd51a_JaffaCakes118

    • Size

      384KB

    • MD5

      c28b27acebd13ab577bd011e0befd51a

    • SHA1

      45a73cce655054d3e455a99fb23e57ef2ee2cd5b

    • SHA256

      e6d647a64e3182c6acf6838871d097dc38e51939f271adef8c9bf76c4577b4fe

    • SHA512

      53fb67ba9825db3947c424264f89dc7018c9f880360ed8d64e711c5f2f936708c7be9a5a40697e6431845fcd22c2700fcc1ddaf33c9ad98b765f473abf3fd7f2

    • SSDEEP

      6144:8Bt0Rv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808OhT:JR5GdCs0O1BkBqwtjFc0fTjZOT59ozIT

    Score
    10/10
    discoveryevasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks