013d9902e74c6a2e2c9830361d00dca773bf28e5db7f22eb5618b02e2ffcb646 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

464d0df40e...18.exe

windows7-x64

7

464d0df40e...18.exe

windows10-2004-x64

7

Sharing

General

Target

464d0df40e812b559193270a015096de_JaffaCakes118
Size

228KB
Sample

241015-hd1kmszepf
MD5

464d0df40e812b559193270a015096de
SHA1

c99b6aef26c3d2dbb757ae9f059ccfa94e60908a
SHA256

013d9902e74c6a2e2c9830361d00dca773bf28e5db7f22eb5618b02e2ffcb646
SHA512

f1dc26eda36d83fa633c0671695ae033438dd17e878321c0aedb0189bafcec9e297578ee24507937d5e97a8b268b1ef93ee86d9781d0ad3149da88f1003035d0
SSDEEP

6144:GclnqLykWN4Sl52tIbWeA+Slppx7wVANJmc:GAnqLybcIytPw

Score

7^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

464d0df40e812b559193270a015096de_JaffaCakes118.exe

Resource

win7-20240903-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

464d0df40e812b559193270a015096de_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  464d0df40e812b559193270a015096de_JaffaCakes118
- Size
  
  228KB
- MD5
  
  464d0df40e812b559193270a015096de
- SHA1
  
  c99b6aef26c3d2dbb757ae9f059ccfa94e60908a
- SHA256
  
  013d9902e74c6a2e2c9830361d00dca773bf28e5db7f22eb5618b02e2ffcb646
- SHA512
  
  f1dc26eda36d83fa633c0671695ae033438dd17e878321c0aedb0189bafcec9e297578ee24507937d5e97a8b268b1ef93ee86d9781d0ad3149da88f1003035d0
- SSDEEP
  
  6144:GclnqLykWN4Sl52tIbWeA+Slppx7wVANJmc:GAnqLybcIytPw
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy