General

  • Target

    f4faa2731de4be0d1d5fd426d5c0edf3_JaffaCakes118

  • Size

    701KB

  • Sample

    240417-egtpqaee4z

  • MD5

    f4faa2731de4be0d1d5fd426d5c0edf3

  • SHA1

    f7268519ff19b8eed72c78010a0671656b47665e

  • SHA256

    ed94916f042d09389b560f0f4818c57e8c5c6c3cfab5a866fb0759af98a6fb18

  • SHA512

    cfe37d88d3ce6c82c684ef90461a216f72681fa041f63fabfa928523b3f20ad7db5c9ded1544fcc45a49554af8929c4c2f5c4ddaf0516f6b8af06fdfb7427a32

  • SSDEEP

    12288:3ZWtI6RkGOB0fOjOB0SE1zRRaMMMMM2MMMMMaD:3uhaGOZOc1zRRaMMMMM2MMMMMM

Score
10/10

Targets

    • Target

      f4faa2731de4be0d1d5fd426d5c0edf3_JaffaCakes118

    Score
    10/10
    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
