d0f885747425bd06b790bda6fbde4dbd70b7f9df1faaf4216d3fc063146ef543 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

04765a275d...18.exe

windows7-x64

04765a275d...18.exe

windows10-2004-x64

Sharing

General

Target

04765a275df1efc30c0ffbcd8a67d4c5_JaffaCakes118
Size

72KB
Sample

241001-fqgxyswcph
MD5

04765a275df1efc30c0ffbcd8a67d4c5
SHA1

2c44e4ac44b851a699c25ee2ab2767df0c222f0a
SHA256

d0f885747425bd06b790bda6fbde4dbd70b7f9df1faaf4216d3fc063146ef543
SHA512

160d3dda060cf45d046fdfeadc0fae2c9b96440c7d9035f7d7bf7173792d9bc2cc80fa549bdda80979969021e8c1527bf91a6d3de2308e094f8f5635f7d0b28f
SSDEEP

768:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrPhs:ieTce/U/hKYuKPhs

Score

10^/10

discovery evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

04765a275df1efc30c0ffbcd8a67d4c5_JaffaCakes118.exe

Resource

win7-20240903-en

discovery evasion

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

04765a275df1efc30c0ffbcd8a67d4c5_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery evasion

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  04765a275df1efc30c0ffbcd8a67d4c5_JaffaCakes118
- Size
  
  72KB
- MD5
  
  04765a275df1efc30c0ffbcd8a67d4c5
- SHA1
  
  2c44e4ac44b851a699c25ee2ab2767df0c222f0a
- SHA256
  
  d0f885747425bd06b790bda6fbde4dbd70b7f9df1faaf4216d3fc063146ef543
- SHA512
  
  160d3dda060cf45d046fdfeadc0fae2c9b96440c7d9035f7d7bf7173792d9bc2cc80fa549bdda80979969021e8c1527bf91a6d3de2308e094f8f5635f7d0b28f
- SSDEEP
  
  768:ipQNwC3BEddsEqOt/hyJF+x3BEJwRrPhs:ieTce/U/hKYuKPhs
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Disables RegEdit via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy