177510a95f2bd9c4584c3c5dd536ca71f517b3d5767abc2fcf177ef29f83369f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

d668148d1a...18.exe

windows7-x64

7

d668148d1a...18.exe

windows10-2004-x64

8

Sharing

General

Target

d668148d1a59d45cb510101313e9dfc0_JaffaCakes118
Size

134KB
Sample

240909-qqj3eszfpr
MD5

d668148d1a59d45cb510101313e9dfc0
SHA1

b54578f109ab1be96c114db86e2639a9356aa2bb
SHA256

177510a95f2bd9c4584c3c5dd536ca71f517b3d5767abc2fcf177ef29f83369f
SHA512

b460dcca0e32d0f627685988965cec9fb2e1ffa40558535f42cdcdd3f4b2b2d94ff9150dad17ecc1227175b6ff991afd9765f82975f3b9596d59988f94dd362f
SSDEEP

3072:TUX8z0IKAXAZEH6Gg7M4o6Y43uzljWFq8j2y:ToE0IcmiA4J3uzlS08j2

Score

8^/10

discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d668148d1a59d45cb510101313e9dfc0_JaffaCakes118.exe

Resource

win7-20240903-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

d668148d1a59d45cb510101313e9dfc0_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery persistence

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  d668148d1a59d45cb510101313e9dfc0_JaffaCakes118
- Size
  
  134KB
- MD5
  
  d668148d1a59d45cb510101313e9dfc0
- SHA1
  
  b54578f109ab1be96c114db86e2639a9356aa2bb
- SHA256
  
  177510a95f2bd9c4584c3c5dd536ca71f517b3d5767abc2fcf177ef29f83369f
- SHA512
  
  b460dcca0e32d0f627685988965cec9fb2e1ffa40558535f42cdcdd3f4b2b2d94ff9150dad17ecc1227175b6ff991afd9765f82975f3b9596d59988f94dd362f
- SSDEEP
  
  3072:TUX8z0IKAXAZEH6Gg7M4o6Y43uzljWFq8j2y:ToE0IcmiA4J3uzlS08j2
Score

8^/10

discovery persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

© 2018-2025

Terms | Privacy