General

  • Target

    1ffc8bb97af9f908655894fbf8a93064_JaffaCakes118

  • Size

    277KB

  • Sample

    240507-j1z33afh4v

  • MD5

    1ffc8bb97af9f908655894fbf8a93064

  • SHA1

    9679508979e389fb5c287957c817bb979e06d902

  • SHA256

    5c197a3050357890623e49dff313b1189d61c7902cb97145bcdb9bb6433d7e67

  • SHA512

    7883a5a75fb57f9971081e5a23b7cee742e96e82877df3c97c87a842298d5ba47133f969c2f606ce94c06d30d191bf3925c981342d984299c9201d58975c45d1

  • SSDEEP

    6144:t6WAf0enplUTOTHvnajRoe0e0jlS4kAEy5fJ:t6pMylUTOTHvajiy0BXkOxJ

Score
10/10

Targets

    • Target

      1ffc8bb97af9f908655894fbf8a93064_JaffaCakes118

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
