General

  • Target

    04c918a7f968b066e85f7390642a5204_JaffaCakes118

  • Size

    512KB

  • Sample

    240428-kfn1qsca3s

  • MD5

    04c918a7f968b066e85f7390642a5204

  • SHA1

    5703f4cafbdd729355e053c19ef57ff5dcacd8ef

  • SHA256

    12e1f2962c590d737465a2e6c1213645f598eb587192dbb472352d3e63686197

  • SHA512

    e4604016a52993ac2dc08447affe0b0146795d795b1fe3e4bccaa049fee1a19a3950ee5e5f26eacdb3ec282c7a53fa2e91490b08c90e441ba519d20d7af9637b

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4x:0+h9OY70z+warul3E4x

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
