Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

de707053d5...18.exe

windows7-x64

10

de707053d5...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    de707053d58babaf5eb9c7115154612d_JaffaCakes118

  • Size

    244KB

  • Sample

    240913-syxplavhjn

  • MD5

    de707053d58babaf5eb9c7115154612d

  • SHA1

    3c020980e48994ed859c0dc5084d7b6979ff64c1

  • SHA256

    2deb6f6e116c990886cd374790714ac8300d9c48c7ca8ddca3c965b7799d4216

  • SHA512

    a3b5a6f209df562297c91799716371b202e1c2915f2a947338439bc2cc80a301e483db44824f06ffd24d27c068ae8c8d3093458f7fee100cfa93ac1039930635

  • SSDEEP

    768:1lvMaHfJcwaMCJUwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGe:1Rl/JcsKJlGVs4emEFbcP0

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      de707053d58babaf5eb9c7115154612d_JaffaCakes118

    • Size

      244KB

    • MD5

      de707053d58babaf5eb9c7115154612d

    • SHA1

      3c020980e48994ed859c0dc5084d7b6979ff64c1

    • SHA256

      2deb6f6e116c990886cd374790714ac8300d9c48c7ca8ddca3c965b7799d4216

    • SHA512

      a3b5a6f209df562297c91799716371b202e1c2915f2a947338439bc2cc80a301e483db44824f06ffd24d27c068ae8c8d3093458f7fee100cfa93ac1039930635

    • SSDEEP

      768:1lvMaHfJcwaMCJUwbjMPkG1VuW/wqvRXMXp677yCzdXZRT2Nq1MaQnepMri14PGe:1Rl/JcsKJlGVs4emEFbcP0

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks