General

  • Target

    b0a4342473590966d57b22a3b3c0a99b_JaffaCakes118

  • Size

    674KB

  • Sample

    240615-3ccgmsyfnf

  • MD5

    b0a4342473590966d57b22a3b3c0a99b

  • SHA1

    143524af9ef4f2af44a965f1fc0144eea370caa4

  • SHA256

    226adbd5d3659a9e36963cfa1dd33fb9c5cbdc87c931a308de648549ea1c2ca1

  • SHA512

    4d18e90ba85da098caea2fe32d62fc4892b30d6f09562489e4bcd38f97ef1d9a9cb625e82b914c4bfacd16df432c578b520d89eb5b48095602133f6c3545245f

  • SSDEEP

    12288:rCRO7YJnY+ndmFWp9QYKctiH0bPbzYVlEYZHJBitDEK9f3ajKG7DfyG6g:OROclJ0Q9+cthjUlE2HLj8f3aD7DqG6g

Score
9/10

Malware Config

Targets

    • Target

      b0a4342473590966d57b22a3b3c0a99b_JaffaCakes118

    • Score

      9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)
