Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

JaffaCakes...dc.exe

windows7-x64

10

JaffaCakes...dc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_981b953858e6068fc71394b208b751dc

  • Size

    200KB

  • Sample

    250204-zmdwnstkcr

  • MD5

    981b953858e6068fc71394b208b751dc

  • SHA1

    31cbaa37b0f42959bb08eeebf5e1e22f507e3b3e

  • SHA256

    38b4737faebe3449fce04010d510239ad1c8c829f75e596f288f1224967583cc

  • SHA512

    e81994b42def790b7eca27cdae1b7caff7513b026eeb67373420d0ad324cde33d6b6019bcda9cea7254f61590c33647b1749f61dc4314c92c441a9ddc28ede38

  • SSDEEP

    3072:lC/To/0Yxr0tQ9nLHbB9WPliBs2HWWEakGJm9hi:lCmN4QxL7B9WPli+yWWEazH

Score
10/10
defense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      JaffaCakes118_981b953858e6068fc71394b208b751dc

    • Size

      200KB

    • MD5

      981b953858e6068fc71394b208b751dc

    • SHA1

      31cbaa37b0f42959bb08eeebf5e1e22f507e3b3e

    • SHA256

      38b4737faebe3449fce04010d510239ad1c8c829f75e596f288f1224967583cc

    • SHA512

      e81994b42def790b7eca27cdae1b7caff7513b026eeb67373420d0ad324cde33d6b6019bcda9cea7254f61590c33647b1749f61dc4314c92c441a9ddc28ede38

    • SSDEEP

      3072:lC/To/0Yxr0tQ9nLHbB9WPliBs2HWWEakGJm9hi:lCmN4QxL7B9WPli+yWWEazH

    Score
    10/10
    defense_evasiondiscoverypersistence

    • Modifies visiblity of hidden/system files in Explorer

      defense_evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks