General

  • Target

    e2bbffaa2ba0a1185b75b46151c2488a_JaffaCakes118

  • Size

    192KB

  • Sample

    240406-rqdfbacc5s

  • MD5

    e2bbffaa2ba0a1185b75b46151c2488a

  • SHA1

    82c2a371bd570c178839745517dec136baef9592

  • SHA256

    07b7539bbbfdbc2a4923bf2827e67d85dded1882b5f9f9d58f459933a2be7e68

  • SHA512

    0dc5131ed419e211a42e21313e38b42a84f63c7964c9807a2f27d22d6524dea12307fbd7a2f8a70a8ed41a6e21d88a0e8965a483e9ab4a6d3afeff17d49222ba

  • SSDEEP

    3072:Wyo4V4s1eQx755RCaFSoc98/yqeR9Kf5L/SV5qK:P/jCaFSoc93RC5L/hK

Score
10/10

Targets

    • Target

      e2bbffaa2ba0a1185b75b46151c2488a_JaffaCakes118

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
