Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

c8cd7c5362...18.exe

windows7-x64

7

c8cd7c5362...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c8cd7c53626edbe78223cb22ca345c83_JaffaCakes118

  • Size

    424KB

  • Sample

    240829-pgmxaa1cnc

  • MD5

    c8cd7c53626edbe78223cb22ca345c83

  • SHA1

    952caf4f641254b80e7f0448ff336ee4781e16ec

  • SHA256

    5abf0c1be3e56362c64e099a82116c1e77c0829c13b8a64059a184099d38edc4

  • SHA512

    89eda342a7a372608a2df0e55c94f2206050ba3b8445f7c71da27f537a10f4915ed84a03ec6dd364e89687c84bb2245024408dbea4402c95209c86445a097aec

  • SSDEEP

    6144:JmkgOl+6AQhh/yNVelznR2W5nWP+kldviQKVPw8IHdNDO28Ow6MpRjR5wwr89LMU:JrgOLnlzR2OnWFitahi2RYRjRXIP4OP

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      c8cd7c53626edbe78223cb22ca345c83_JaffaCakes118

    • Size

      424KB

    • MD5

      c8cd7c53626edbe78223cb22ca345c83

    • SHA1

      952caf4f641254b80e7f0448ff336ee4781e16ec

    • SHA256

      5abf0c1be3e56362c64e099a82116c1e77c0829c13b8a64059a184099d38edc4

    • SHA512

      89eda342a7a372608a2df0e55c94f2206050ba3b8445f7c71da27f537a10f4915ed84a03ec6dd364e89687c84bb2245024408dbea4402c95209c86445a097aec

    • SSDEEP

      6144:JmkgOl+6AQhh/yNVelznR2W5nWP+kldviQKVPw8IHdNDO28Ow6MpRjR5wwr89LMU:JrgOLnlzR2OnWFitahi2RYRjRXIP4OP

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks