Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

30e89c91bf...18.exe

windows7-x64

8

30e89c91bf...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    30e89c91bf446bb1be725db2da3a51ef_JaffaCakes118

  • Size

    161KB

  • Sample

    241010-t9kpvawarc

  • MD5

    30e89c91bf446bb1be725db2da3a51ef

  • SHA1

    1311d784356df931281cd612f50cf3739de3ec17

  • SHA256

    dc9a7e5b843aab901fd4420c49108a61fb17584c1f8e78aca94e1cfb0ba242cb

  • SHA512

    cc6f7a34dfaef81b80c104be63ada7d5be06f3a0aa4da052a5475ddd6f8acf5b469a5c4408883595174f4d6c351e2d75d4d8b41688c0c283fbaef4df12bfb54a

  • SSDEEP

    1536:CAJZlOzMqcQihjbWpGkpzVKiPfeEGklAn+bQiq3X8tU7SCcKjoUZn/lEoRDBf3:COjOJHYq9PvQn+bQT8i7PBjoUR/lEQ3

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      30e89c91bf446bb1be725db2da3a51ef_JaffaCakes118

    • Size

      161KB

    • MD5

      30e89c91bf446bb1be725db2da3a51ef

    • SHA1

      1311d784356df931281cd612f50cf3739de3ec17

    • SHA256

      dc9a7e5b843aab901fd4420c49108a61fb17584c1f8e78aca94e1cfb0ba242cb

    • SHA512

      cc6f7a34dfaef81b80c104be63ada7d5be06f3a0aa4da052a5475ddd6f8acf5b469a5c4408883595174f4d6c351e2d75d4d8b41688c0c283fbaef4df12bfb54a

    • SSDEEP

      1536:CAJZlOzMqcQihjbWpGkpzVKiPfeEGklAn+bQiq3X8tU7SCcKjoUZn/lEoRDBf3:COjOJHYq9PvQn+bQT8i7PBjoUR/lEQ3

    Score
    8/10
    discoverypersistence

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks