General

  • Target

    845bc1575e069d72fb1cfa5e3ed66ccd_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240530-q1majabf82

  • MD5

    845bc1575e069d72fb1cfa5e3ed66ccd

  • SHA1

    25d6e2c7ced1e6afadac2ae5a1c5b2ee06058087

  • SHA256

    343a55a2c4d257e48615d747f3e2b7bc3526700356e2a245295b75150ac83cde

  • SHA512

    c8451e34a52633d0944bcf65575a6a1415eaeca29694b17814264b9f93e7a2164fc7cf627caaec21a2e920454f3bbce463dfffc609a8481d812ba66f5809fc78

  • SSDEEP

    24576:UuhaKOaOWOGOaOWOGOaOWOGOaOWOGOaOWOGOaOWO0D:b1D

Targets

    • Target

      845bc1575e069d72fb1cfa5e3ed66ccd_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
