General

  • Target

    976d13287e5563135d23a1ada58e8120_JaffaCakes118

  • Size

    6.1MB

  • Sample

    240605-hx7s3ahh83

  • MD5

    976d13287e5563135d23a1ada58e8120

  • SHA1

    44d386b1eca5c5b6f2263c9fa4ab26b25bba7210

  • SHA256

    89d1e40859706b926e45a656197c29f933e08fd1f4fc539424b1f41be6a08fcb

  • SHA512

    dd519acad09c1c498171a3f978d85a072b05f906b4b61d953e6fe66ee6e6bb17ffa1ea84232097702306ef3cb7e6278a8fd065f92ffbb69e11b4cac8bfd4688d

  • SSDEEP

    98304:dZqxlo2Zqxlo2Zqxlo2Zqxlo2Zqxlo2ZqxloJW:dZOlo2ZOlo2ZOlo2ZOlo2ZOlo2ZOloA

Targets

    • Target

      976d13287e5563135d23a1ada58e8120_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
