Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

d5948f17d4...18.exe

windows7-x64

10

d5948f17d4...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d5948f17d4de453ecb09d26bb5f4a0d2_JaffaCakes118

  • Size

    88KB

  • Sample

    240909-dya39syhll

  • MD5

    d5948f17d4de453ecb09d26bb5f4a0d2

  • SHA1

    7376a84a0ec85824999ccb68e1edad6c386f0a8e

  • SHA256

    ae34c923461e43ee83a4b0c31d3ba8a9a24f8e4fff0785d2706a5138b587e248

  • SHA512

    f1491db9c16c836f07465594c34fa3128344e6db1c5ef1f94d4ab117ac2c70cb4e0221f0176dad0ee8f6d9bb8a036ef0b9de8f652926bce72774c6914a88db1c

  • SSDEEP

    768:rDFI3MrddaqnObOasGEwU8Z1Rbe2kjEQJQ1H7a8zFkzqcwu2:lIceiCU8Z1QjEQJecwu

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      d5948f17d4de453ecb09d26bb5f4a0d2_JaffaCakes118

    • Size

      88KB

    • MD5

      d5948f17d4de453ecb09d26bb5f4a0d2

    • SHA1

      7376a84a0ec85824999ccb68e1edad6c386f0a8e

    • SHA256

      ae34c923461e43ee83a4b0c31d3ba8a9a24f8e4fff0785d2706a5138b587e248

    • SHA512

      f1491db9c16c836f07465594c34fa3128344e6db1c5ef1f94d4ab117ac2c70cb4e0221f0176dad0ee8f6d9bb8a036ef0b9de8f652926bce72774c6914a88db1c

    • SSDEEP

      768:rDFI3MrddaqnObOasGEwU8Z1Rbe2kjEQJQ1H7a8zFkzqcwu2:lIceiCU8Z1QjEQJecwu

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks