Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2f63cb3c04...18.exe

windows7-x64

10

2f63cb3c04...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2f63cb3c04fdc2f7aaf66cf9fdb880c8_JaffaCakes118

  • Size

    288KB

  • Sample

    241009-medjqatcpd

  • MD5

    2f63cb3c04fdc2f7aaf66cf9fdb880c8

  • SHA1

    40a3b3c2bbe844f98e46ce7d396b8f975b39de87

  • SHA256

    dce74a57cd0626c7e7e68be2c39dd1e07846b7e2331da3480162c9589d06eed3

  • SHA512

    94158cf425b64ef48fce0e8b3346ee577e41e547933024c4d7c419b2517dcb10a1302c11a70fc7c3e8854b7db3b8a919e49a675053f75ce22bf0b1996d4469db

  • SSDEEP

    6144:d71Qc0f7XP+g3AGJpWVzujmI8nQOsPVKnvmb7/D26Mbj/R8SUHAgOTTMEtBTTlma:/27/XvLWpuinQOsPVKnvmb7/D26MHUHQ

Score
10/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      2f63cb3c04fdc2f7aaf66cf9fdb880c8_JaffaCakes118

    • Size

      288KB

    • MD5

      2f63cb3c04fdc2f7aaf66cf9fdb880c8

    • SHA1

      40a3b3c2bbe844f98e46ce7d396b8f975b39de87

    • SHA256

      dce74a57cd0626c7e7e68be2c39dd1e07846b7e2331da3480162c9589d06eed3

    • SHA512

      94158cf425b64ef48fce0e8b3346ee577e41e547933024c4d7c419b2517dcb10a1302c11a70fc7c3e8854b7db3b8a919e49a675053f75ce22bf0b1996d4469db

    • SSDEEP

      6144:d71Qc0f7XP+g3AGJpWVzujmI8nQOsPVKnvmb7/D26Mbj/R8SUHAgOTTMEtBTTlma:/27/XvLWpuinQOsPVKnvmb7/D26MHUHQ

    Score
    10/10
    discoveryevasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks