General

  • Target

    1902d2fb07fd303208824e070a491a14_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240628-ghw8caxamn

  • MD5

    1902d2fb07fd303208824e070a491a14

  • SHA1

    c8d4f562bb1441188a33401c736e95c87d9fae8f

  • SHA256

    05d4d6d0f15dec78b1b4a418b8081b720245dd92f09fb32f4f69c6af9d39a8df

  • SHA512

    0a21e11de4c87b814f8817338c272ca33b51c7d9472d6bf849a9dec423eb4738eb2fd26c59f918e72f898d71c5c7383e8829391dcd2931f511e0cb16ed64200b

  • SSDEEP

    24576:w/Af7uuZB2MiMKLv7kLxOPdERHrqPiBfhcvLMc2h:w4CuZhiv6gP8H+4c2h

Malware Config

Targets

    • Target

      1902d2fb07fd303208824e070a491a14_JaffaCakes118

    • Size

      1.0MB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks