General

  • Target

    126d45710a48006d4e8d3c13a96a5b97_JaffaCakes118

  • Size

    128KB

  • Sample

    240626-slw8aszekf

  • MD5

    126d45710a48006d4e8d3c13a96a5b97

  • SHA1

    57f80df5ec5a70c69150bcd973650be1141e2aec

  • SHA256

    2cc89fa3dc1b4a107694aae6de5c6211724bcb02f4a15ade957d1382915dced5

  • SHA512

    cd2b2aa7b401e958eec0cf1f37836c1ce559d64fc95fc138d530fad7098ff0de55422165cccdc90960f0473e1ae4954a1b2b36c5059fe80133eea0ae4c55c933

  • SSDEEP

    3072:VXSdqvRQ4kPTf4dd0PRRu9zgBpSju4SQUv6aoRMWdm6U:VXScvRa7f4W69lu4SQ1x2r

Targets

    • Modifies WinLogon for persistence

    • Disables Task Manager via registry modification

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Impair Defenses: Safe Mode Boot

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
