General

  • Target

    f51892f6d4ee376d5b2472d51e5a6729_JaffaCakes118

  • Size

    494KB

  • Sample

    240417-frl83afh91

  • MD5

    f51892f6d4ee376d5b2472d51e5a6729

  • SHA1

    e68bc433795b01e2844f70dabaf512a519daadcd

  • SHA256

    11742b1b7437e34b15baafe3e44a7cf5a14d9b149ddb87499c42dd9fdbd5661a

  • SHA512

    f878b9f065894e0fe6449c0c1ca7fee4f1aacebc8925067d4af053bd7af0972dbce9a47814d864387fad13d7dad60352596c9975a177a1111aa5e79f6f0ad92f

  • SSDEEP

    12288:mnKfyxV2ImdvPGBFfi8WuJ6+1x0KCYT88VtX0n:WKfwV2HtPgFfN9/pD4

Score
9/10

Targets

    • Target

      f51892f6d4ee376d5b2472d51e5a6729_JaffaCakes118

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
