Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

3ebb8c2a94...18.exe

windows7-x64

7

3ebb8c2a94...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ebb8c2a94a2ce51f752cd809fd3d697_JaffaCakes118

  • Size

    269KB

  • Sample

    241013-j14fgs1apq

  • MD5

    3ebb8c2a94a2ce51f752cd809fd3d697

  • SHA1

    44f8da9685fa727dcd0546e3b75a86e06bc4a6ca

  • SHA256

    88a6a4a7d032aa408de5f31093239c4955234af819322983673ba2c098d09318

  • SHA512

    1130b6dfc6ea57692a16bef462308502c9369e9e7589eb7f8252b597088e81a3e6ba26cd9c28f469c623e7f6074146063223b9a28a035dc8c8844f6974cf6bbd

  • SSDEEP

    3072:ZYUb5QoJ4g+Ri+Zj6Iz1ZdW4SrO7FSVpuJOJ:ZY7xh6SZI4z7FSVpuJg

Score
7/10
defense_evasiondiscoverypersistenceprivilege_escalation

Malware Config

Targets

    • Target

      3ebb8c2a94a2ce51f752cd809fd3d697_JaffaCakes118

    • Size

      269KB

    • MD5

      3ebb8c2a94a2ce51f752cd809fd3d697

    • SHA1

      44f8da9685fa727dcd0546e3b75a86e06bc4a6ca

    • SHA256

      88a6a4a7d032aa408de5f31093239c4955234af819322983673ba2c098d09318

    • SHA512

      1130b6dfc6ea57692a16bef462308502c9369e9e7589eb7f8252b597088e81a3e6ba26cd9c28f469c623e7f6074146063223b9a28a035dc8c8844f6974cf6bbd

    • SSDEEP

      3072:ZYUb5QoJ4g+Ri+Zj6Iz1ZdW4SrO7FSVpuJOJ:ZY7xh6SZI4z7FSVpuJg

    Score
    7/10
    defense_evasiondiscoverypersistenceprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks