General

  • Target

    14f6abd4e49f583335e04d4dece0653e_JaffaCakes118

  • Size

    187KB

  • Sample

    240627-g14p5syemp

  • MD5

    14f6abd4e49f583335e04d4dece0653e

  • SHA1

    1f113aace96563453027ba7293e9da3356208ca6

  • SHA256

    5577784bc45452a00b219445fd4ebf4aaada7fa789ca31243e2af45744767892

  • SHA512

    e5034678e11495ef92e463872d9b32ee5ab4e421c67e7c8b939803132ec05882a36e6876f0941baffe5b9def29cdbb9c106545ca9e47c0d66e05e7241f5e3dde

  • SSDEEP

    3072:cxku4d4bEHcJWJujJnfRbpcREgeSH+AAAlYEqxZjpvTvWOGg3dppfh/gqT:6EPH7Ju9Ry+VAhlYE6ZjpP3dZpT

Malware Config

Targets

    • Target

      14f6abd4e49f583335e04d4dece0653e_JaffaCakes118

    • Impair Defenses: Safe Mode Boot

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
