Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    61c07b94aa1b119e673c69838173ec9b_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240521-cyrwcafd4w

  • MD5

    61c07b94aa1b119e673c69838173ec9b

  • SHA1

    fff5dc6b40eedc988c615538c1bf2b03bb187680

  • SHA256

    daeabb4f77670f7b24e89bf05e25bd5d17c5679fb6f3fa5baee1ba2d27ae9220

  • SHA512

    f3758568f3706bf9c89e74669b472f1853a5d0694af4e2bb466154f1a9ba0ce75b0ad1a0b9cb3c0a60a81b96a758e4a4c80e1f60d93982ee98d13ff7b3f1f988

  • SSDEEP

    49152:cUwT0VCJYbHkap4puMVV+cNOQTkcUK77ny+A+hAC/PjyOiPmYa/imLQbf:0WK+HfVUxOQTkRKXdA+JzyOYmFVQbf

Score
8/10

Malware Config

Targets

    • Target

      61c07b94aa1b119e673c69838173ec9b_JaffaCakes118

    • Size

      2.0MB

    • MD5

      61c07b94aa1b119e673c69838173ec9b

    • SHA1

      fff5dc6b40eedc988c615538c1bf2b03bb187680

    • SHA256

      daeabb4f77670f7b24e89bf05e25bd5d17c5679fb6f3fa5baee1ba2d27ae9220

    • SHA512

      f3758568f3706bf9c89e74669b472f1853a5d0694af4e2bb466154f1a9ba0ce75b0ad1a0b9cb3c0a60a81b96a758e4a4c80e1f60d93982ee98d13ff7b3f1f988

    • SSDEEP

      49152:cUwT0VCJYbHkap4puMVV+cNOQTkcUK77ny+A+hAC/PjyOiPmYa/imLQbf:0WK+HfVUxOQTkRKXdA+JzyOYmFVQbf

    Score
    8/10
    • Blocklisted process makes network request

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks