General

  • Target

    e61cede459eeb05a0ae57a029b9693d2_JaffaCakes118

  • Size

    176KB

  • Sample

    240407-3gz4hahh85

  • MD5

    e61cede459eeb05a0ae57a029b9693d2

  • SHA1

    371850d2c47209baec3897893051796f7d1679bf

  • SHA256

    24492885684b0f821f5bd02729f041b3eaf1b713f8bcb1503f951facc153b893

  • SHA512

    bd0d854aca8b0705b066f9bf26e1aff4ffdf7459710fdc1710b27c53c374dccf134873f3a666daf12debc0b5878feabdf1302ea6c24e2a6acdff04bbe6b16389

  • SSDEEP

    3072:ZRKNSIcEGROnFAugPmCXMNKiqMNMZZZZWMkIJD8:6gAtEMNIMNHYy

Score
10/10

Targets

    • Target

      e61cede459eeb05a0ae57a029b9693d2_JaffaCakes118

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
