General

  • Target

    1701f09f7348b0a609b8819b076bb4df_JaffaCakes118

  • Size

    316KB

  • Sample

    240627-wv2e6awarq

  • MD5

    1701f09f7348b0a609b8819b076bb4df

  • SHA1

    946adb3857d1478e9a26387b83efaf86ca217245

  • SHA256

    6c5f89452d664c01acbf9264bc18c58e45ed6ff54ee58afeda8e39680dfb4c65

  • SHA512

    2b1793a1292718892dc882603a375ee284e8b72be12c7cd9df541e5e0d9f6b42ee8c960aef01efe2e836d7313a53680aedb53844a9315613b36922831faa4b72

  • SSDEEP

    6144:k/JVYO/QyCTEtWff9nQMdkxIV0OQotoBOm8ntGUcF6/DsEfNXqkEL:mJVYO/09YxIToYmtyIx

Score
10/10

Malware Config

Targets

    • Target

      1701f09f7348b0a609b8819b076bb4df_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
