5388730edaa08c80a2e19d8ef5a2c06a906d53f26e04b647d58fed2822d1f17d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

7

dd882c6a89...18.dll

windows7-x64

8

dd882c6a89...18.dll

windows10-2004-x64

8

Sharing

General

Target

dd882c6a89883b46c37edc969bf5e388_JaffaCakes118
Size

302KB
Sample

240913-df1k7s1dkf
MD5

dd882c6a89883b46c37edc969bf5e388
SHA1

85aa3e5630109f49a45c256cc63a1d26c6cbc935
SHA256

5388730edaa08c80a2e19d8ef5a2c06a906d53f26e04b647d58fed2822d1f17d
SHA512

73e18650d1e6a537e63ea09f13c1af185b86ea4ebf702a7722ae9c7442275069cb0699e3592dd411c289191c4e6782e05bb9e65858a423e3493876520a718131
SSDEEP

6144:1hzho3uHTdtA0slNuGgzncbJp4tYGM9ueny7Vo/215TiD55fondbPvWS8FAX:1hzKCT0Znulzsp4tYGM9LnCV+2/GjQdP

Score

8^/10

discovery persistence upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

dd882c6a89883b46c37edc969bf5e388_JaffaCakes118.dll

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

dd882c6a89883b46c37edc969bf5e388_JaffaCakes118.dll

Resource

win10v2004-20240802-en

discovery persistence upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  dd882c6a89883b46c37edc969bf5e388_JaffaCakes118
- Size
  
  302KB
- MD5
  
  dd882c6a89883b46c37edc969bf5e388
- SHA1
  
  85aa3e5630109f49a45c256cc63a1d26c6cbc935
- SHA256
  
  5388730edaa08c80a2e19d8ef5a2c06a906d53f26e04b647d58fed2822d1f17d
- SHA512
  
  73e18650d1e6a537e63ea09f13c1af185b86ea4ebf702a7722ae9c7442275069cb0699e3592dd411c289191c4e6782e05bb9e65858a423e3493876520a718131
- SSDEEP
  
  6144:1hzho3uHTdtA0slNuGgzncbJp4tYGM9ueny7Vo/215TiD55fondbPvWS8FAX:1hzKCT0Znulzsp4tYGM9LnCV+2/GjQdP
Score

8^/10

discovery persistence upx
- Server Software Component: Terminal Services DLL
  persistence
- Sets service image path in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Server Software Component

Terminal Services DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy