Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

fc94524744...18.exe

windows7-x64

10

fc94524744...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc945247441031965a6c89803801e0cb_JaffaCakes118

  • Size

    360KB

  • Sample

    240928-sqg9yavfjg

  • MD5

    fc945247441031965a6c89803801e0cb

  • SHA1

    7556af6d7fa648d066a4bb02408242f9701627d5

  • SHA256

    50354aa1c149df5e7c75ff12fcd9cfa62fa45fa256165aefc20b66e34ff9f56d

  • SHA512

    b45c8c873091017e8ffe529cf2d3056d436068c15d9a236a3439563f961d892d57b5a798bba9d31fdd6e4de5fa2007716a1e872d8bb3e17962af6a914c88b4f2

  • SSDEEP

    3072:jm6/YsB98mlS3tEXS/xDLYqpJRHo4Osl3agRYlzvvGvUDoBEtazeV5bo9R:iPsBP/S/xDLYqpJRHo103a5o6tazeVUR

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      fc945247441031965a6c89803801e0cb_JaffaCakes118

    • Size

      360KB

    • MD5

      fc945247441031965a6c89803801e0cb

    • SHA1

      7556af6d7fa648d066a4bb02408242f9701627d5

    • SHA256

      50354aa1c149df5e7c75ff12fcd9cfa62fa45fa256165aefc20b66e34ff9f56d

    • SHA512

      b45c8c873091017e8ffe529cf2d3056d436068c15d9a236a3439563f961d892d57b5a798bba9d31fdd6e4de5fa2007716a1e872d8bb3e17962af6a914c88b4f2

    • SSDEEP

      3072:jm6/YsB98mlS3tEXS/xDLYqpJRHo4Osl3agRYlzvvGvUDoBEtazeV5bo9R:iPsBP/S/xDLYqpJRHo103a5o6tazeVUR

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks