Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

133d79bc5f...18.exe

windows7-x64

7

133d79bc5f...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    133d79bc5fdc96d84c01ad2da0314c0a_JaffaCakes118

  • Size

    275KB

  • Sample

    241004-ny8pmswfrd

  • MD5

    133d79bc5fdc96d84c01ad2da0314c0a

  • SHA1

    f1200d3aeef2cd9a8f0758a4a5342c6ad2bb5348

  • SHA256

    1e33154f47add081bf3a8b308606eba2161518d5ec53508af0e485b941f67a16

  • SHA512

    83a68a6ae2d50c14dfe40765bb45ad588f7fc2bb644df9d2573d31866ea421a275f8f0fdbfacd9d690a80bee7db128d584e416bfc20456c27840c31a0baf6434

  • SSDEEP

    6144:N7i68hkfKx/8GcsMBvMCmJpArWnysskEL1gUs2OXI8AcP78EBwC2IRq:N1Uk+esTCm8gyLZL1p2I8rBwC2Ic

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      133d79bc5fdc96d84c01ad2da0314c0a_JaffaCakes118

    • Size

      275KB

    • MD5

      133d79bc5fdc96d84c01ad2da0314c0a

    • SHA1

      f1200d3aeef2cd9a8f0758a4a5342c6ad2bb5348

    • SHA256

      1e33154f47add081bf3a8b308606eba2161518d5ec53508af0e485b941f67a16

    • SHA512

      83a68a6ae2d50c14dfe40765bb45ad588f7fc2bb644df9d2573d31866ea421a275f8f0fdbfacd9d690a80bee7db128d584e416bfc20456c27840c31a0baf6434

    • SSDEEP

      6144:N7i68hkfKx/8GcsMBvMCmJpArWnysskEL1gUs2OXI8AcP78EBwC2IRq:N1Uk+esTCm8gyLZL1p2I8rBwC2Ic

    Score
    7/10
    bootkitdiscoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks