General

  • Target

    3a722b63df18af6aa92d011b1f022b33_JaffaCakes118

  • Size

    468KB

  • Sample

    240512-q68qqacd74

  • MD5

    3a722b63df18af6aa92d011b1f022b33

  • SHA1

    0a573f0f206654cd3f72c856ad6493ebf67b2d52

  • SHA256

    b21240e42743ad8134856fd723dd8d516f462f5391ae6e1fcc01d4e21e27a2c9

  • SHA512

    3bd398eae12fb4b999c36f4064636f225bb7b84c4b5f31cea46843ebb962615a9343c800d45c3cde5a6266bcfacd3442b5ea29d6cfa8c1453171b57b1f572f63

  • SSDEEP

    6144:UZfec9EbXDk6RkUKJrG1VVE+IgrG1VVE+Iel+lXDZJfLufs73dOk0XDpNjNOpysC:UZWtI6RkjuHureZJys73dOvXDpNjNe8r

Malware Config

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks