558174d9a304f32dde9a5ddd2e7c6bb1ced25cc16e0fd4e78667a5a0cdc4dcb4 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

dd33e2b5e8...18.exe

windows7-x64

7

dd33e2b5e8...18.exe

windows10-2004-x64

7

Sharing

General

Target

dd33e2b5e80ea5b6aaa4bf38ab9bd70c_JaffaCakes118
Size

4.7MB
Sample

240912-2z72dszenq
MD5

dd33e2b5e80ea5b6aaa4bf38ab9bd70c
SHA1

e6d1a637eb8cf9eaa1993a459b83a759e8d84149
SHA256

558174d9a304f32dde9a5ddd2e7c6bb1ced25cc16e0fd4e78667a5a0cdc4dcb4
SHA512

104c21bfd2ffd717494b82263fdae6a705a9a3dbf4c818831f05b975eaff5ea167e15a75ae1b1fc5a75c2181d4912ab91497413879a46eb3a492092728956c43
SSDEEP

98304:Ae4d8iEityhkhqloaxeq7jhIXUvPBnnom2LSqLyT:nCnyhkhBaxem1tPBn2uqC

Score

7^/10

discovery upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

dd33e2b5e80ea5b6aaa4bf38ab9bd70c_JaffaCakes118.exe

Resource

win7-20240708-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

dd33e2b5e80ea5b6aaa4bf38ab9bd70c_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  dd33e2b5e80ea5b6aaa4bf38ab9bd70c_JaffaCakes118
- Size
  
  4.7MB
- MD5
  
  dd33e2b5e80ea5b6aaa4bf38ab9bd70c
- SHA1
  
  e6d1a637eb8cf9eaa1993a459b83a759e8d84149
- SHA256
  
  558174d9a304f32dde9a5ddd2e7c6bb1ced25cc16e0fd4e78667a5a0cdc4dcb4
- SHA512
  
  104c21bfd2ffd717494b82263fdae6a705a9a3dbf4c818831f05b975eaff5ea167e15a75ae1b1fc5a75c2181d4912ab91497413879a46eb3a492092728956c43
- SSDEEP
  
  98304:Ae4d8iEityhkhqloaxeq7jhIXUvPBnnom2LSqLyT:nCnyhkhBaxem1tPBn2uqC
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy