Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

16d88e8323...18.exe

windows7-x64

7

16d88e8323...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16d88e8323fa362cd5a1473578c46f6f_JaffaCakes118

  • Size

    2.2MB

  • Sample

    241005-jxb7tsycpb

  • MD5

    16d88e8323fa362cd5a1473578c46f6f

  • SHA1

    f274f3a8dde5bc4385702c8040a351c12d0dd461

  • SHA256

    ee31b012b2e7d0a20115ebbdca5eb93741c6247ac984743e9b133cc79de2bca4

  • SHA512

    befaac12a62591eacfe66c438005ab9ddfcd781217d17655685a08f08507a7fe95c28e364e3cbb47e0b47f95e5ac62333b6592e04e3c4e5942cecb1835b7f35d

  • SSDEEP

    49152:k0jK9+LZgR8B2dWBCp1pSei2EY48esWo/I0p6eJhvImKebA5rOYiZno:xj+u2+20BCzpziMR+f0pJhvImKebSivK

Score
7/10
adwarediscoverypersistenceprivilege_escalationstealer

Malware Config

Targets

    • Target

      16d88e8323fa362cd5a1473578c46f6f_JaffaCakes118

    • Size

      2.2MB

    • MD5

      16d88e8323fa362cd5a1473578c46f6f

    • SHA1

      f274f3a8dde5bc4385702c8040a351c12d0dd461

    • SHA256

      ee31b012b2e7d0a20115ebbdca5eb93741c6247ac984743e9b133cc79de2bca4

    • SHA512

      befaac12a62591eacfe66c438005ab9ddfcd781217d17655685a08f08507a7fe95c28e364e3cbb47e0b47f95e5ac62333b6592e04e3c4e5942cecb1835b7f35d

    • SSDEEP

      49152:k0jK9+LZgR8B2dWBCp1pSei2EY48esWo/I0p6eJhvImKebA5rOYiZno:xj+u2+20BCzpziMR+f0pJhvImKebSivK

    Score
    7/10
    adwarediscoverypersistenceprivilege_escalationstealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks