General

  • Target

    4911fc37673007d439c67be9604f3b2c_JaffaCakes118

  • Size

    787KB

  • Sample

    240516-clbzcsgb25

  • MD5

    4911fc37673007d439c67be9604f3b2c

  • SHA1

    518e80cb9a4f6f183854da5824569270b8b31302

  • SHA256

    32135e2432b6ed186924501934395d0eb5c573bb9d761f794fdde498a7380f42

  • SHA512

    28b6945ae8e77c8da66ac3f074a11ebd12c15778392c29d9f7a2ae3e200c9268df07d34672afa84850474b68a6de35cf0502a1724f0c215f383d07c8b68c237a

  • SSDEEP

    12288:UZWtI6RkjJ+erQZb+md4w1UieZJys73dOvXDpNjNe8r:UuhajJ+erQZb+md4wmieZJ8NI8r

Targets

    • Target

      4911fc37673007d439c67be9604f3b2c_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
