General

  • Target

    eadc7ccc7032879c147cf3b214b9a663_JaffaCakes118

  • Size

    730KB

  • Sample

    240410-mkcvdace63

  • MD5

    eadc7ccc7032879c147cf3b214b9a663

  • SHA1

    f4f4bd5c6737b15750adfdd36d95f223b88aea4f

  • SHA256

    6270352f7c4380be8dc385a5cdfab6d9f7d1e1462ba7d073c744cdf0f02b1c96

  • SHA512

    5b38a344f47392cba47b3d7d8a67eb5a606416b982f237d852547241d9bf9717591893bebce5b15e531e7381444b9eb207e76828b71c73c498296c5c868d57ca

  • SSDEEP

    12288:i9UAnhPd6qmvCLAsShDHA8jgn7qkDBzYzEBODFkMO+EEuKmY0O7XlZHPyQtuMlCh:i9UAxd69K8NhDvY7q2Y75/uW57XLqQRq

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks