1de5d7603f63ad7c0bda41397d78cac2c4d121e4b340e2e8da7f253907b0a319 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

067878c7aa...18.exe

windows7-x64

067878c7aa...18.exe

windows10-2004-x64

Sharing

General

Target

067878c7aab927e5cb6c80cd3b9efbeb_JaffaCakes118
Size

3KB
Sample

241001-tmh8hascpe
MD5

067878c7aab927e5cb6c80cd3b9efbeb
SHA1

3d92de6374c8e51ae0cf3cc8639c5279e6704979
SHA256

1de5d7603f63ad7c0bda41397d78cac2c4d121e4b340e2e8da7f253907b0a319
SHA512

3e7bd7b2362e5f0e1b1355fad9f89f9bba76e9601877425491e480b58c5750ea29d65f9e930189247c11568c1d5fdd4a03122018ad77e15f62b0b5e9e2286fce

Score

10^/10

discovery persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

067878c7aab927e5cb6c80cd3b9efbeb_JaffaCakes118.exe

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

067878c7aab927e5cb6c80cd3b9efbeb_JaffaCakes118.exe

Resource

win10v2004-20240910-en

discovery persistence upx

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  067878c7aab927e5cb6c80cd3b9efbeb_JaffaCakes118
- Size
  
  3KB
- MD5
  
  067878c7aab927e5cb6c80cd3b9efbeb
- SHA1
  
  3d92de6374c8e51ae0cf3cc8639c5279e6704979
- SHA256
  
  1de5d7603f63ad7c0bda41397d78cac2c4d121e4b340e2e8da7f253907b0a319
- SHA512
  
  3e7bd7b2362e5f0e1b1355fad9f89f9bba76e9601877425491e480b58c5750ea29d65f9e930189247c11568c1d5fdd4a03122018ad77e15f62b0b5e9e2286fce
Score

10^/10

discovery persistence upx
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

discoverypersistenceupx

© 2018-2025

Terms | Privacy