e091b855ca4b3df0b8d5b385d9c4499ce59ff93d107015d442f5092cd114df93 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

daaaffa5d4...18.exe

windows7-x64

7

daaaffa5d4...18.exe

windows10-2004-x64

7

Sharing

General

Target

daaaffa5d44e24b759ba8b5fb71311e3_JaffaCakes118
Size

1.1MB
Sample

240911-s2de5aybmr
MD5

daaaffa5d44e24b759ba8b5fb71311e3
SHA1

74679ebac9718cf30b34bb1017090932c5e616c9
SHA256

e091b855ca4b3df0b8d5b385d9c4499ce59ff93d107015d442f5092cd114df93
SHA512

c93863f056868779b6cfd9be1dd2ee3487d95737c642ddea0f3e6a9d509cde17c6bde7fbdba36ecf1cc0dc8bdaa476001f1d082ce83f8d4c254983e8c11d18b0
SSDEEP

12288:nsM+aTA3c+FK1vrlVYBVignBtZnfVq4cz1i5pP9kPQSL:sV4W8hqBYgnBLfVqx1Wjk/L

Score

7^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

daaaffa5d44e24b759ba8b5fb71311e3_JaffaCakes118.exe

Resource

win7-20240903-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

daaaffa5d44e24b759ba8b5fb71311e3_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  daaaffa5d44e24b759ba8b5fb71311e3_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  daaaffa5d44e24b759ba8b5fb71311e3
- SHA1
  
  74679ebac9718cf30b34bb1017090932c5e616c9
- SHA256
  
  e091b855ca4b3df0b8d5b385d9c4499ce59ff93d107015d442f5092cd114df93
- SHA512
  
  c93863f056868779b6cfd9be1dd2ee3487d95737c642ddea0f3e6a9d509cde17c6bde7fbdba36ecf1cc0dc8bdaa476001f1d082ce83f8d4c254983e8c11d18b0
- SSDEEP
  
  12288:nsM+aTA3c+FK1vrlVYBVignBtZnfVq4cz1i5pP9kPQSL:sV4W8hqBYgnBLfVqx1Wjk/L
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy