Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    c3800397f17eef5cdd465ef4f1894bda_JaffaCakes118

  • Size

    15.9MB

  • Sample

    240404-2gnvsscf93

  • MD5

    c3800397f17eef5cdd465ef4f1894bda

  • SHA1

    6d2deef42bd2d50774a4552bee2717ec1b258d7a

  • SHA256

    abfe3302b378fa5acb30625ff27410f9fdc604377006567451bec920ebcebadc

  • SHA512

    db299041781a2e2b40d8e4ca6f81a8a656dcd1e9106a2104517fcceeb306ffe7af7423355f40c5755879f195ba00fa8c637d31bdf1cad4cf81b793ba72d30137

  • SSDEEP

    393216:5g7uvg7uvg7uvg7uvg7uvg7uvg7uvg7uN:aS4S4S4S4S4S4S4SN

Score
7/10

Malware Config

Targets

    • Target

      c3800397f17eef5cdd465ef4f1894bda_JaffaCakes118

    • Size

      15.9MB

    • MD5

      c3800397f17eef5cdd465ef4f1894bda

    • SHA1

      6d2deef42bd2d50774a4552bee2717ec1b258d7a

    • SHA256

      abfe3302b378fa5acb30625ff27410f9fdc604377006567451bec920ebcebadc

    • SHA512

      db299041781a2e2b40d8e4ca6f81a8a656dcd1e9106a2104517fcceeb306ffe7af7423355f40c5755879f195ba00fa8c637d31bdf1cad4cf81b793ba72d30137

    • SSDEEP

      393216:5g7uvg7uvg7uvg7uvg7uvg7uvg7uvg7uN:aS4S4S4S4S4S4S4SN

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks