General

  • Target

    036f0c57fb3a8a124ae0ed0777a27948_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240620-gprlfaxbrn

  • MD5

    036f0c57fb3a8a124ae0ed0777a27948

  • SHA1

    af697c9fcc96e8154be0af48c2d1398339e15f62

  • SHA256

    2e7a3ebabbb8cdd47998a9e97aa5b3e2448c2ac956a447af810e30262f0d4eab

  • SHA512

    e433db1c886ae541d14421033d3b38b1867a509307dc33b005d1b571ba7423395d7c13a1ca129d951dd4c5727509755da12ecbb06ea8fc014635a7a25bffbed6

  • SSDEEP

    49152:mdfY3+KXPYSNxGl/kUcWcxW0tUilfnzS5LeTtkfjkKhmQB8rY+o:ugvpNq/kUdcxW0ae/zs++jkymE83

Targets

    • Target

      036f0c57fb3a8a124ae0ed0777a27948_JaffaCakes118

    • Modifies Windows Firewall

    • Stops running service(s)

    • Uses Session Manager for persistence

      Creates Session Manager registry key to run executable early in system boot.

    • Adds Run key to start application

    • Drops file in System32 directory
