Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dee690988d...18.exe

windows7-x64

10

dee690988d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dee690988d9bc2bf630817fdb43c6d07_JaffaCakes118

  • Size

    296KB

  • Sample

    240913-zxcrcszarh

  • MD5

    dee690988d9bc2bf630817fdb43c6d07

  • SHA1

    a7d6294a0913717ba6dd39c0516021fc45a8debf

  • SHA256

    9152177c3d8dd0de603f00669b6d8c7d9b30bb9711d33f4c7ebc7c3700c9989f

  • SHA512

    4b00798706df21ccee891f2e038421d18050c674f90ff0a0b2ad632d98d1e68e38fc605d68044763d5d2aa7391e7339d4ae85f24fc6f44c274f3692969e76935

  • SSDEEP

    3072:A6veHqOdzh7sAFEouHwbBAW4hXNzcd6HFfak/K4jaU3bxt2eK:AUgz/FEouH+BAi4HFfAgLGb

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      dee690988d9bc2bf630817fdb43c6d07_JaffaCakes118

    • Size

      296KB

    • MD5

      dee690988d9bc2bf630817fdb43c6d07

    • SHA1

      a7d6294a0913717ba6dd39c0516021fc45a8debf

    • SHA256

      9152177c3d8dd0de603f00669b6d8c7d9b30bb9711d33f4c7ebc7c3700c9989f

    • SHA512

      4b00798706df21ccee891f2e038421d18050c674f90ff0a0b2ad632d98d1e68e38fc605d68044763d5d2aa7391e7339d4ae85f24fc6f44c274f3692969e76935

    • SSDEEP

      3072:A6veHqOdzh7sAFEouHwbBAW4hXNzcd6HFfak/K4jaU3bxt2eK:AUgz/FEouH+BAi4HFfAgLGb

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks