Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    098ae366ed37c8452cae34e0424ba0f1_JaffaCakes118

  • Size

    132KB

  • Sample

    240624-tsfdssvbqm

  • MD5

    098ae366ed37c8452cae34e0424ba0f1

  • SHA1

    903794154af111385dd74678de2ff85f79c899ff

  • SHA256

    598e72d8ad6a1559b6decbc71be2ed362aaa1f3a2a12cc26cc60d2626215e338

  • SHA512

    f05568a957c42c006ebcf1551f19a3d2bb33f7e0077b4911a776ff1ab8fdb56533fb3df10099e8187494ba6141af878277dc6ac7647467829d5a47918bb8de7e

  • SSDEEP

    3072:e4tWMJJh6fryYP/daqh8iJkZdhSH4FsMVPCuvjrPCqME:ecWMJJhqryYP/daqh5JguH46MVPCuvjF

Score
7/10

Malware Config

Targets

    • Target

      098ae366ed37c8452cae34e0424ba0f1_JaffaCakes118

    • Size

      132KB

    • MD5

      098ae366ed37c8452cae34e0424ba0f1

    • SHA1

      903794154af111385dd74678de2ff85f79c899ff

    • SHA256

      598e72d8ad6a1559b6decbc71be2ed362aaa1f3a2a12cc26cc60d2626215e338

    • SHA512

      f05568a957c42c006ebcf1551f19a3d2bb33f7e0077b4911a776ff1ab8fdb56533fb3df10099e8187494ba6141af878277dc6ac7647467829d5a47918bb8de7e

    • SSDEEP

      3072:e4tWMJJh6fryYP/daqh8iJkZdhSH4FsMVPCuvjrPCqME:ecWMJJhqryYP/daqh5JguH46MVPCuvjF

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks