General

  • Target

    fdd5ce4bb9c082876d8d21418a1213b8_JaffaCakes118

  • Size

    415KB

  • Sample

    240420-2sw1jsca56

  • MD5

    fdd5ce4bb9c082876d8d21418a1213b8

  • SHA1

    d1adc3402d8d5e7087a5bf078649fb4bc9079161

  • SHA256

    66604b81d14466aae5f161ea2d57f3db1f492e4a492e6042d21fed03fbf3408f

  • SHA512

    9f7b5722ed4669b58723ee59ece2d5e0cd118b0f0a9b4f68a6352411d8da092743de1211a26172b87f231d9e96f8044ab16e602be3041d1ea62bebed40616a13

  • SSDEEP

    12288:dAmsLPAUO1uz0jbgeebXUxzFWuzaap73t5:+mscXM+j2kWI3t5

Targets

    • Target

      fdd5ce4bb9c082876d8d21418a1213b8_JaffaCakes118

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
