General

  • Target

    7dbd39bac946e1f095a6887b601982c9_JaffaCakes118

  • Size

    1018KB

  • Sample

    240528-vrg2nsea73

  • MD5

    7dbd39bac946e1f095a6887b601982c9

  • SHA1

    65f631b36644a8be2883fd1f5855969b4762b17e

  • SHA256

    37ad141380a01b7d971a0b1ab4839aec7dace7fa44cdcf233584ebf1ed4088e3

  • SHA512

    4b0737d43e80eba25c664ed6d2fd4d8506ab3c391cf4f52f04611127fb283ab5bf9b13dc8693ba3a15526f37fa8a97bddcec63be20153e8ef1089aa82d821bb8

  • SSDEEP

    12288:UZWtI6RkIZyOB0vOB0DO+ZyOB0vOB0hCGDgtHgD:UuhaIZyOWOsZyOWOIDgta

Targets

    • Target

      7dbd39bac946e1f095a6887b601982c9_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
