General

  • Target

    e585d6a51805cc6107530084dabd8c27_JaffaCakes118

  • Size

    4.6MB

  • Sample

    240407-wj98xsaf92

  • MD5

    e585d6a51805cc6107530084dabd8c27

  • SHA1

    4d4160462ea80e7ba35f4128864f46f2feb7979f

  • SHA256

    bf7c8a09e4cba16df6245e51e029e0a8a11849702f4eb5f7d80fb3c8ebccef36

  • SHA512

    47537b30dcf4dafa99e6f76dc8439f65f1eddc00156aecccc873b42f0f3f0a1c8db6f99b66b6a86b94abac15ea68b5a7e9ed34c83f53a4d3b5b3a61b6eb5671a

  • SSDEEP

    98304:3ZLp3wC7efv4r8NZHvdD6f697uVybQkio7IbdOgErPIDguDO3tV:3P3wC7eH4r8NZPh6i9iOkRErID9K3tV

Score
7/10

Malware Config

Targets

    • Target

      e585d6a51805cc6107530084dabd8c27_JaffaCakes118

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

      Starts a process from an executable that the sample itself wrote to disk earlier in the run.

    • Loads dropped DLL

      Maps a DLL that the sample itself wrote to disk earlier in the run.

    • Adds Run key to start application

      Writes a value under a Run registry key so the application is started again at logon (persistence).

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

      Rewrites the register context of a thread in another process; this API pattern is characteristic of process hollowing and other injection techniques.
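
The behaviours listed above are what a sandbox derives from raw registry, file, process and API events. The script below, an added example that is not part of this report or of tria.ge, re-derives each of the six signature names from a small constructed event trace. The event format, the field names, the `Geo\Nation` registry path used to recognise the country-code lookup, and the ATT&CK technique mapping are all assumptions made for illustration; tria.ge's real log format and its own signature logic are not reproduced here.

```python
"""Re-derive sandbox behaviour signatures from a constructed event trace.

Added example, not part of the original report or of tria.ge. Event format,
field names and the ATT&CK mapping below are assumptions for illustration.
"""
import re
from collections import defaultdict

# Constructed sample events in an assumed sandbox format (not tria.ge's real log format).
# pid 1 is the original sample; it drops an EXE and a DLL, runs the EXE (pid 2),
# and pid 2 persists, probes drives and manipulates a thread in pid 3.
SAMPLE_EVENTS = [
    {"op": "reg_read", "pid": 1, "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"op": "file_write", "pid": 1, "path": r"C:\Users\victim\AppData\Local\Temp\svchost32.exe"},
    {"op": "file_write", "pid": 1, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"op": "process_create", "pid": 1, "child_pid": 2,
     "image": r"C:\Users\victim\AppData\Local\Temp\svchost32.exe"},
    {"op": "image_load", "pid": 2, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"op": "reg_write", "pid": 2,
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "data": r"C:\Users\victim\AppData\Local\Temp\svchost32.exe"},
    {"op": "file_open", "pid": 2, "path": "C:\\"},
    {"op": "file_open", "pid": 2, "path": "D:\\"},
    {"op": "api_call", "pid": 2, "name": "SetThreadContext", "target_pid": 3},
]

# Assumed mapping from signature name to ATT&CK technique; the dropped-file
# signatures are deliberately left unmapped.
ATTACK_MAP = {
    "Checks computer location settings": "T1614",
    "Adds Run key to start application": "T1547.001",
    "Enumerates connected drives": "T1082",
    "Suspicious use of SetThreadContext": "T1055",
}

_RUN_KEY = re.compile(r"\\currentversion\\run(once)?\\", re.IGNORECASE)
_DRIVE_ROOT = re.compile(r"[A-Za-z]:\\?")


def _is_run_key(path):
    """True for values written under a Run or RunOnce key (any hive)."""
    return _RUN_KEY.search(path) is not None


def _is_non_c_drive_root(path):
    """True for a bare drive root such as D:\\ that is not the system drive."""
    return _DRIVE_ROOT.fullmatch(path) is not None and not path.upper().startswith("C:")


def triage(events):
    """Return {signature name: [evidence, ...]} for the behaviours seen in events."""
    hits = defaultdict(list)
    dropped = set()  # lower-cased paths the sample wrote; used for "dropped" checks
    for ev in events:
        op = ev["op"]
        if op == "file_write":
            dropped.add(ev["path"].lower())
        elif op == "reg_read" and ev["path"].lower().endswith(r"\international\geo\nation"):
            hits["Checks computer location settings"].append(ev["path"])
        elif op == "process_create" and ev["image"].lower() in dropped:
            hits["Executes dropped EXE"].append(ev["image"])
        elif op == "image_load" and ev["path"].lower() in dropped:
            hits["Loads dropped DLL"].append(ev["path"])
        elif op == "reg_write" and _is_run_key(ev["path"]):
            hits["Adds Run key to start application"].append(f'{ev["path"]} = {ev.get("data", "")}')
        elif op == "file_open" and _is_non_c_drive_root(ev["path"]):
            hits["Enumerates connected drives"].append(ev["path"])
        elif op == "api_call" and ev.get("name") == "SetThreadContext" and ev.get("target_pid") != ev["pid"]:
            # Only cross-process use is flagged; a process adjusting its own threads is benign.
            hits["Suspicious use of SetThreadContext"].append(f'pid {ev["pid"]} -> pid {ev["target_pid"]}')
    return dict(hits)


def attack_techniques(hits):
    """Sorted ATT&CK technique IDs for the signatures that have a mapping."""
    return sorted({ATTACK_MAP[name] for name in hits if name in ATTACK_MAP})


if __name__ == "__main__":
    result = triage(SAMPLE_EVENTS)
    for name, evidence in result.items():
        print(f"{name} ({ATTACK_MAP.get(name, 'unmapped')})")
        for item in evidence:
            print(f"    {item}")
    print("ATT&CK:", ", ".join(attack_techniques(result)))
```

The dropped-file signatures depend on event order: a write must be seen before the execute or load that references it, which is also why a real sandbox correlates these across the whole run rather than per event. The drive check only fires for non-C: roots so that ordinary filesystem activity on the system drive does not count as enumeration.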

MITRE ATT&CK Enterprise v15

Tasks