Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

012b791d05...18.exe

windows7-x64

10

012b791d05...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    012b791d054841dd2d52924c5170b4b1_JaffaCakes118

  • Size

    55KB

  • Sample

    240930-n1qlvatdqq

  • MD5

    012b791d054841dd2d52924c5170b4b1

  • SHA1

    95acf8d898edcaf54740c644602d6e6978eaba58

  • SHA256

    2542b01ef86cbe542b6ca888e1c4a6dd7b3610eddefb11cef1387e14dd14b6dc

  • SHA512

    8a50f058e462d76911313ab1a2dfa8788e32a680195b8a6e8d680164e0e6f7c753aead061131061ec26544ea82a6ccf9417452583b37e5f95a357fc751ff7a70

  • SSDEEP

    768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfk:V3cpyORJLuB4P4AJJv4Romu/9tpvUZ0

Score
10/10
discoveryevasion

Malware Config

Targets

    • Target

      012b791d054841dd2d52924c5170b4b1_JaffaCakes118

    • Size

      55KB

    • MD5

      012b791d054841dd2d52924c5170b4b1

    • SHA1

      95acf8d898edcaf54740c644602d6e6978eaba58

    • SHA256

      2542b01ef86cbe542b6ca888e1c4a6dd7b3610eddefb11cef1387e14dd14b6dc

    • SHA512

      8a50f058e462d76911313ab1a2dfa8788e32a680195b8a6e8d680164e0e6f7c753aead061131061ec26544ea82a6ccf9417452583b37e5f95a357fc751ff7a70

    • SSDEEP

      768:Oe3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJapg4RoSMZeUZB/QosWpH+DrCUpfk:V3cpyORJLuB4P4AJJv4Romu/9tpvUZ0

    Score
    10/10
    discoveryevasion

    • Modifies visibility of file extensions in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks