General

  • Target

    25be997c2449063bf5462cb8abafd412_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240508-t4c3tadf7t

  • MD5

    25be997c2449063bf5462cb8abafd412

  • SHA1

    d80b164cb992ea9635ed676b0def2173f6e3c2aa

  • SHA256

    3ffa5267abf04d1b818cdd6925327c205ed664b102e061ae5378d8257034c61d

  • SHA512

    c43a616f6afa6af55512d8b08356c01dcc766473edc24288c5d56175a3cefd1c50df46125a29d970accf1e0bc890cd5badc9ee445288b01ebb25110d57837341

  • SSDEEP

    24576:UuhaWB+eZJ8NI8YBXeZJ8NI8YBXeZJ8NI8YBXeZJ8NI8YiVdKd:bf8L8L8L8YsdKd

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
