Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

2e391c25a1...18.exe

windows7-x64

8

2e391c25a1...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e391c25a113b890b3f4dd5dc81230e5_JaffaCakes118

  • Size

    391KB

  • Sample

    241009-ks5t1s1cnr

  • MD5

    2e391c25a113b890b3f4dd5dc81230e5

  • SHA1

    61537ea107c566eeae6d1a476e0feac67c2c21d8

  • SHA256

    bdbac2f17795626b5f2c7174327e118b212eee9ea7f291113661cf91dd5fb59c

  • SHA512

    708a29e55e0e7962b9e039a7e5205210ea689d3dabf36bd43405d96265cfd4a750975ef7a19f4bfe25df9de2da53be9e150f03d84a8433c1f625cd6380825e5a

  • SSDEEP

    6144:OY9GYX5o45hdzgdfmgFL1yISqsZXj3vjw7a144ghCgOVXlfYfpdhZacivDgr+C:OhmjvdzJgFkdj3rGro1mWcirgb

Score
8/10
adwarebootkitdiscoverypersistencestealer

Malware Config

Targets

    • Target

      2e391c25a113b890b3f4dd5dc81230e5_JaffaCakes118

    • Size

      391KB

    • MD5

      2e391c25a113b890b3f4dd5dc81230e5

    • SHA1

      61537ea107c566eeae6d1a476e0feac67c2c21d8

    • SHA256

      bdbac2f17795626b5f2c7174327e118b212eee9ea7f291113661cf91dd5fb59c

    • SHA512

      708a29e55e0e7962b9e039a7e5205210ea689d3dabf36bd43405d96265cfd4a750975ef7a19f4bfe25df9de2da53be9e150f03d84a8433c1f625cd6380825e5a

    • SSDEEP

      6144:OY9GYX5o45hdzgdfmgFL1yISqsZXj3vjw7a144ghCgOVXlfYfpdhZacivDgr+C:OhmjvdzJgFkdj3rGro1mWcirgb

    Score
    8/10
    adwarebootkitdiscoverypersistencestealer

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks