General

  • Target

    0f6a9323445648266b8eeb94b9a745a9_JaffaCakes118

  • Size

    675KB

  • Sample

    240503-ce7sfsed92

  • MD5

    0f6a9323445648266b8eeb94b9a745a9

  • SHA1

    6ab0c017ae1616d59064400713ae790849329041

  • SHA256

    15a7c860882d3ce8c5e17bf3116d4b2d807fec295586bbbe00a8ccb83f2fb719

  • SHA512

    4b741fe1569a3368179d9e6a1aa9c518d2012beb1ec2fe323d3802b08a7dfe1fa27a700d192bc8577bbddda99449dee99291fa5a0170d1b1b84a0cec0d80ceb7

  • SSDEEP

    12288:vNxt2GCQZwqLIMRBeZHaElEZlBiZGXEtdrIsydYSYjXDwiYhT+63L:1xt2n6IQ2aEiriZUEtqr+ljXUiYF+63L

Score
9/10

Targets

    • Target

      0f6a9323445648266b8eeb94b9a745a9_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)
