General

  • Target

    2102a18ff6cba85e69ae35b634f39be0_JaffaCakes118

  • Size

    538KB

  • Sample

    240507-tkjq9age36

  • MD5

    2102a18ff6cba85e69ae35b634f39be0

  • SHA1

    98aad628983d486d3922bf5804aaceb2bd6c6bb1

  • SHA256

    36ea9326d29c2f86a66a6dc1e878165c1239262493939b54dd27fd2eba05d0b4

  • SHA512

    59942455cee01061e8542258e2f7264b66f2a24aa6cd23187011c7979a608cc09ee19150c7a4dcf987e80f90c77d1ee61e4420fb979b47616a58b3522bb14edb

  • SSDEEP

    12288:6Yhcq8xzZTkQ4DDfO+lDp5QBooT3oDznHbUl0il67L5:BhcTZTaDfXNQCrPbGa/5

Score
9/10

Targets

    • Target

      2102a18ff6cba85e69ae35b634f39be0_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
