General

  • Target

    9f5c706d0fc49650250d096c06616f8a_JaffaCakes118

  • Size

    512KB

  • Sample

    240611-ypp62szbpl

  • MD5

    9f5c706d0fc49650250d096c06616f8a

  • SHA1

    64a3c524004ba32775be51927e349e81960b1c61

  • SHA256

    14053203870959c77e0a78832375ef02415e4e57157c130b3a849d7a3299191d

  • SHA512

    42d653f42d564980a379b97a6da94cfaa46a881f9a68632ff99771af211ad485a31dce66de0cdd1d13302a5a94c7e86fbc1c5254a6f7f5a7425886022cf9ce26

  • SSDEEP

    12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4R:0+h9OY70z+warul3E4R

Score
9/10

Targets

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
