c2aee86483687e5cc13f93b24746a76d362f23ce57096802e83bb82c66983789 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

f65ab7cd6e...18.exe

windows7-x64

f65ab7cd6e...18.exe

windows10-2004-x64

Sharing

General

Target

f65ab7cd6edd0e28e8af9283246b30a8_JaffaCakes118
Size

372KB
Sample

240925-tdtb4sxcpa
MD5

f65ab7cd6edd0e28e8af9283246b30a8
SHA1

40de8a9cf006d6f73ccd5ff992ec857fc3840817
SHA256

c2aee86483687e5cc13f93b24746a76d362f23ce57096802e83bb82c66983789
SHA512

202299e5e28544833830a20b8a71b146f6b0fb0905c262c3550acb5f522679d931ea157317b2fb6b5fe86dc8a9ee549696f263bfc8154a2502544c4f51fbc2a9
SSDEEP

6144:eG78LjzOANvSAsQLqF9pXMiY3sGB6UduRfLtcJ:p7kmAN6omFMb3sGB6UduRfLaJ

Score

10^/10

discovery evasion persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f65ab7cd6edd0e28e8af9283246b30a8_JaffaCakes118.exe

Resource

win7-20240704-en

discovery evasion persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

f65ab7cd6edd0e28e8af9283246b30a8_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  f65ab7cd6edd0e28e8af9283246b30a8_JaffaCakes118
- Size
  
  372KB
- MD5
  
  f65ab7cd6edd0e28e8af9283246b30a8
- SHA1
  
  40de8a9cf006d6f73ccd5ff992ec857fc3840817
- SHA256
  
  c2aee86483687e5cc13f93b24746a76d362f23ce57096802e83bb82c66983789
- SHA512
  
  202299e5e28544833830a20b8a71b146f6b0fb0905c262c3550acb5f522679d931ea157317b2fb6b5fe86dc8a9ee549696f263bfc8154a2502544c4f51fbc2a9
- SSDEEP
  
  6144:eG78LjzOANvSAsQLqF9pXMiY3sGB6UduRfLtcJ:p7kmAN6omFMb3sGB6UduRfLaJ
Score

10^/10

discovery evasion persistence upx
- Modifies firewall policy service
  evasion
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceupx

behavioral2

discoveryevasionpersistenceupx

© 2018-2025

Terms | Privacy