General

  • Target

    37141d21044b40a776c51cdc13b86899_JaffaCakes118

  • Size

    73KB

  • Sample

    240511-3b1g3sdg2w

  • MD5

    37141d21044b40a776c51cdc13b86899

  • SHA1

    8f987d9c56e12e6641754115cb0d65d6c34e69c6

  • SHA256

    e2fb246070404a9e7f9a42bc88f3429ee9f7bc4470c4ac939db46be21e165287

  • SHA512

    2cb85962acafa8d0ce385917b425f5ede4ab503d1224073aae783e57b5eab3589bd423b47e1c6d7f689c5cce0bf791de84d897fb95ecf64ffd59f30758b4fdcc

  • SSDEEP

    1536:d8cQPMz4GlHNvQYviFSD17fdN85bxYYhVfGAGnNUHORWR:6cQPM8GdNv6ERYLN7SNEKWR

Targets

    • Target

      37141d21044b40a776c51cdc13b86899_JaffaCakes118

    • Blocklisted process makes network request

    • Drops startup file

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
