2f0561ca66243dce8d067b61cd398117037e42d0d1c98d64d8533794499dbef7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

3021bebe0a...18.dll

windows7-x64

3021bebe0a...18.dll

windows10-2004-x64

3

Sharing

General

Target

3021bebe0ad697645610da95b58a2c67_JaffaCakes118
Size

95KB
Sample

241010-qwgt9atckr
MD5

3021bebe0ad697645610da95b58a2c67
SHA1

cb16838cc50a10dcaae556ed18f166f3156fb1e1
SHA256

2f0561ca66243dce8d067b61cd398117037e42d0d1c98d64d8533794499dbef7
SHA512

02913aa9888b6d9d9191b43d9808d664ff271045d0dd44ba395fc956729886c5e7271691b66b0ebbb7eeb69c2580b9abb31a1aa7cb2425cb4c5f2764e35d213d
SSDEEP

1536:QLNmUOWTi0OFAAK1m3FJ/4RTQg2ImVFiLo5XL20y0Pikclr:uTPOaAKsFJQRTQPIUV1Pit

Score

8^/10

discovery persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3021bebe0ad697645610da95b58a2c67_JaffaCakes118.dll

Resource

win7-20240903-en

discovery persistence upx

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

3021bebe0ad697645610da95b58a2c67_JaffaCakes118.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  3021bebe0ad697645610da95b58a2c67_JaffaCakes118
- Size
  
  95KB
- MD5
  
  3021bebe0ad697645610da95b58a2c67
- SHA1
  
  cb16838cc50a10dcaae556ed18f166f3156fb1e1
- SHA256
  
  2f0561ca66243dce8d067b61cd398117037e42d0d1c98d64d8533794499dbef7
- SHA512
  
  02913aa9888b6d9d9191b43d9808d664ff271045d0dd44ba395fc956729886c5e7271691b66b0ebbb7eeb69c2580b9abb31a1aa7cb2425cb4c5f2764e35d213d
- SSDEEP
  
  1536:QLNmUOWTi0OFAAK1m3FJ/4RTQg2ImVFiLo5XL20y0Pikclr:uTPOaAKsFJQRTQPIUV1Pit
Score

8^/10

discovery persistence upx
- Blocklisted process makes network request
- Server Software Component: Terminal Services DLL
  persistence
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Server Software Component

Terminal Services DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceupx

behavioral2

© 2018-2025

Terms | Privacy