General

  • Target

    e5871adb818bad139af5549eedb6bf91_JaffaCakes118

  • Size

    50KB

  • Sample

    240407-wl4txsag63

  • MD5

    e5871adb818bad139af5549eedb6bf91

  • SHA1

    ea2a882511c2816d6bcecc8a46ac6b0c8dedacb3

  • SHA256

    dab1de3dc0def76bbb09a9d9a2a3915c5f25bfc93cbf565a66a7cbb336fd134e

  • SHA512

    419e4c526d26bfefe10c679a7209e98b31ff6405844dd92a9a0299e8e7859ad5500c879506c9a0deb013614cb7c9baaca0365ba6961aaae54096a4cf790eb94c

  • SSDEEP

    1536:EFI1MSPNRTazf32GH2u0B5QsNh/M/f/i8AC:2BS1RTcm4w5lUXK8A

Score
10/10

Targets

    • Target

      e5871adb818bad139af5549eedb6bf91_JaffaCakes118

    Score
    10/10
    • Adds autorun key to be loaded by Explorer.exe on startup

    • Sets file execution options in registry

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
