General

  • Target

    7aec967dd54cf87da378e562a22ef28c_JaffaCakes118

  • Size

    628KB

  • Sample

    240527-3g5zraea7y

  • MD5

    7aec967dd54cf87da378e562a22ef28c

  • SHA1

    b5dca08e9d6517c808965ba2fb5f7653781a8e03

  • SHA256

    2159804e12c593ad645c7b12daac8e7cda81d6ece393bd62142e3be48beb5e2d

  • SHA512

    3e2a1c24fec29776fb909682285d6cf5d671db246859a10d402398d6c328025560971474771699aa51acbe4c1eb3e7e01145c73bf55a1d34b57066df08eb65fb

  • SSDEEP

    12288:gkCYlj6zw6/Oyq60pBuAGDgvN4wCC58MD7roqPdFlCT3SYhR21HtUrKZ:BCYljQI60poHqmwCC5foqlF8SYhREirC

Score
9/10

Malware Config

Targets

    • Target

      7aec967dd54cf87da378e562a22ef28c_JaffaCakes118

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks