Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

c84eaddea7...18.exe

windows7-x64

7

c84eaddea7...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c84eaddea738ab53f0d577957be252c6_JaffaCakes118

  • Size

    323KB

  • Sample

    240829-gdknrayaql

  • MD5

    c84eaddea738ab53f0d577957be252c6

  • SHA1

    babff72c370a221469ea00d75975ce82860c69df

  • SHA256

    eb7d1c36b5beed937341b188d4b174f953348b364d2b726322f7b2de7222052c

  • SHA512

    c536d2e392ec58fd92d445e7a4fcc118a3dffc10ca178aec05dfb0d24b89e877eddb490f7fd837a4addd0b19e99e3dea343dce87aeec2063d4b5784775ba8e45

  • SSDEEP

    6144:gl+340H7xeCBg3VbraHRi7bsFxmeAqTjhIimf7Nx3AkxENpJBkH1M2:oOP79Bgtwi7wxmeAqT9KBx3AkxENpJqn

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      c84eaddea738ab53f0d577957be252c6_JaffaCakes118

    • Size

      323KB

    • MD5

      c84eaddea738ab53f0d577957be252c6

    • SHA1

      babff72c370a221469ea00d75975ce82860c69df

    • SHA256

      eb7d1c36b5beed937341b188d4b174f953348b364d2b726322f7b2de7222052c

    • SHA512

      c536d2e392ec58fd92d445e7a4fcc118a3dffc10ca178aec05dfb0d24b89e877eddb490f7fd837a4addd0b19e99e3dea343dce87aeec2063d4b5784775ba8e45

    • SSDEEP

      6144:gl+340H7xeCBg3VbraHRi7bsFxmeAqTjhIimf7Nx3AkxENpJBkH1M2:oOP79Bgtwi7wxmeAqT9KBx3AkxENpJqn

    Score
    7/10
    discoverypersistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks for any installed AV software in registry

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks