613374053b2c916c156e3ced8c14564f9af57d1b1ba02a79442e2a87f720c583 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

2605693f44...18.exe

windows7-x64

2605693f44...18.exe

windows10-2004-x64

Sharing

General

Target

2605693f44da294d248e867151750284_JaffaCakes118
Size

55KB
Sample

241008-1tf52s1amk
MD5

2605693f44da294d248e867151750284
SHA1

91753d7c1bf80b66eb787f071950c5333229a46c
SHA256

613374053b2c916c156e3ced8c14564f9af57d1b1ba02a79442e2a87f720c583
SHA512

befbfc2414857edfafffe83f0e0a1e9f062073c5807cfb972dd2a91b78c67e6112b0cfa9f917b9adbb7ed5c0f35c9730dfe6c5b511cd34b55e72960957cab00a
SSDEEP

1536:V3cpyORJLuB4P4AJJv4Romu/k58C28hoq:V3c1fP4AJJv45j8C2moq

Score

10^/10

discovery evasion

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2605693f44da294d248e867151750284_JaffaCakes118.exe

Resource

win7-20240903-en

discovery evasion

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2605693f44da294d248e867151750284_JaffaCakes118.exe

Resource

win10v2004-20241007-en

discovery evasion

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  2605693f44da294d248e867151750284_JaffaCakes118
- Size
  
  55KB
- MD5
  
  2605693f44da294d248e867151750284
- SHA1
  
  91753d7c1bf80b66eb787f071950c5333229a46c
- SHA256
  
  613374053b2c916c156e3ced8c14564f9af57d1b1ba02a79442e2a87f720c583
- SHA512
  
  befbfc2414857edfafffe83f0e0a1e9f062073c5807cfb972dd2a91b78c67e6112b0cfa9f917b9adbb7ed5c0f35c9730dfe6c5b511cd34b55e72960957cab00a
- SSDEEP
  
  1536:V3cpyORJLuB4P4AJJv4Romu/k58C28hoq:V3c1fP4AJJv45j8C2moq
Score

10^/10

discovery evasion
- Modifies visibility of file extensions in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

© 2018-2025

Terms | Privacy