General

  • Target

    81950bd62346edc2012fa1cdb834188c_JaffaCakes118

  • Size

    638KB

  • Sample

    240529-xsjb8sfc36

  • MD5

    81950bd62346edc2012fa1cdb834188c

  • SHA1

    1c0a5bf7aa63b585a2cf8c4e6358a8b2deb5d1ba

  • SHA256

    2373017059d61386f8f3d1b7f4dc5084db31c471d0e3d78bbc0f124b2b67844e

  • SHA512

    f64e505e91b7521784c54f7b60ee5c6a4ccb9a944ab48de2a9ac6ef1e9f4c447b4a9c1a7fcd7bd38ab4ceb049b0a3eb21391b5ed1173d35335a638c636fc08ce

  • SSDEEP

    12288:hmrT/NtMTbIhcvPMLxa8bzzyUoCyhRB2Sjy7Xrxti3rwbX1W38oZ1f6jB3Bs:QrT/Nt3AML1XRykdzltqm8r3f6jB2

Score
9/10

Targets

    • Target

      81950bd62346edc2012fa1cdb834188c_JaffaCakes118


    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
