General

  • Target

    2a86f92de01e3f08e0af59aabc9a13bf_JaffaCakes118

  • Size

    603KB

  • Sample

    240509-sethtsah26

  • MD5

    2a86f92de01e3f08e0af59aabc9a13bf

  • SHA1

    c621434e087c27091890349ff1cc91909962da02

  • SHA256

    d56069151528d45e4a56df5fd28ef9c6f9a67493415ecebfafaa76bc8fa03b72

  • SHA512

    334c66628c3219fcc56a2a41a5941c64eac11fb87537b12bd535e3b1f4d60460195ab676edd17e51697042f608687f0496ada8fa1ac12cfec23e989c69fd164d

  • SSDEEP

    12288:UZWtI6RkTBoaKeZJys73dOvXDpNjNe8hs/orOuD6:UuhaTBvKeZJ8NI8hO4Zu

Targets

    • Target

      2a86f92de01e3f08e0af59aabc9a13bf_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
