6572366aabc42a2560fb2da3da0fc4199814f25d1218fe42754ce03bd1450165 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

5

f5a118ee4b...18.exe

windows7-x64

6

f5a118ee4b...18.exe

windows10-2004-x64

5

Sharing

General

Target

f5a118ee4bc75613ff220935843e6196_JaffaCakes118
Size

82KB
Sample

240925-kn5y8ayfnh
MD5

f5a118ee4bc75613ff220935843e6196
SHA1

01f6ed53721d8fcf93e6786998c8ee6eb131d8ff
SHA256

6572366aabc42a2560fb2da3da0fc4199814f25d1218fe42754ce03bd1450165
SHA512

2ecfd1e873468929aa3ccb82e5306e47cc876e306836f26ded978dfb69408c69ae19d91010ec62af075ba616e6f277974fc05f4bc42da9394c0618dc57bfa9df
SSDEEP

1536:SikXL5/3beiZZpjjsPtQ3E1N/2wpPGl2DcMTucVkY8y:ST5Dv3IPR1NuwpPGlecMq/zy

Score

6^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f5a118ee4bc75613ff220935843e6196_JaffaCakes118.exe

Resource

win7-20240903-en

persistence upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

f5a118ee4bc75613ff220935843e6196_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  f5a118ee4bc75613ff220935843e6196_JaffaCakes118
- Size
  
  82KB
- MD5
  
  f5a118ee4bc75613ff220935843e6196
- SHA1
  
  01f6ed53721d8fcf93e6786998c8ee6eb131d8ff
- SHA256
  
  6572366aabc42a2560fb2da3da0fc4199814f25d1218fe42754ce03bd1450165
- SHA512
  
  2ecfd1e873468929aa3ccb82e5306e47cc876e306836f26ded978dfb69408c69ae19d91010ec62af075ba616e6f277974fc05f4bc42da9394c0618dc57bfa9df
- SSDEEP
  
  1536:SikXL5/3beiZZpjjsPtQ3E1N/2wpPGl2DcMTucVkY8y:ST5Dv3IPR1NuwpPGlecMq/zy
Score

6^/10

persistence upx discovery
- Modifies WinLogon
  persistence
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy