General

  • Target

    5be51ac7aab7159a65ee951627ed7f53_JaffaCakes118

  • Size

    39.4MB

  • Sample

    240519-2sx8lsfc84

  • MD5

    5be51ac7aab7159a65ee951627ed7f53

  • SHA1

    13312d931d36067acc8a22414686447bb2d2aefc

  • SHA256

    34d23b0c790ea593f39f467e53ee5ba69e617911a458be33d895979e9276b84e

  • SHA512

    a303221396aceb76bfe9d1b34c005dd8a02b3b38b663bd7be88e9c457e6f3edb94663eb13e04619187012b81b3ee769895d6db136f58559e7dc8473235c3a9cc

  • SSDEEP

    786432:dkxc4BiiqqeuC9H607Yd0FPAwt3f3DXXo1wg+37TLYVzvWVHT:dsdqqez9H7wWPRt3f3bXo1wN9

Targets

    • Target

      5be51ac7aab7159a65ee951627ed7f53_JaffaCakes118

    • Modifies firewall policy service

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
