Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    22f8aa43c98f0ccfa8d542ae0f5912c1_JaffaCakes118

  • Size

    36KB

  • Sample

    240703-tjaf7aycqh

  • MD5

    22f8aa43c98f0ccfa8d542ae0f5912c1

  • SHA1

    31ab4bbeb0dae7e7a07f6d5b0cd4323b2486eaba

  • SHA256

    94eaf532590f68d8766cd7713b820937a08188feb387e7e85902f28a66d8350d

  • SHA512

    9f5bff455395c2f15acea88687d3abdbffd32ac55a231bf632e07a8205bad78e251ab92f20005835dfa09c185299e15fa235a570cda8462ba36108c27181279e

  • SSDEEP

    768:IjgiGxy+iC146BDRK97J3+ZFWo2iU+DaLW:8My+hQYFWuaLW

Malware Config

Targets

    • Target

      22f8aa43c98f0ccfa8d542ae0f5912c1_JaffaCakes118

    • Size

      36KB

    • MD5

      22f8aa43c98f0ccfa8d542ae0f5912c1

    • SHA1

      31ab4bbeb0dae7e7a07f6d5b0cd4323b2486eaba

    • SHA256

      94eaf532590f68d8766cd7713b820937a08188feb387e7e85902f28a66d8350d

    • SHA512

      9f5bff455395c2f15acea88687d3abdbffd32ac55a231bf632e07a8205bad78e251ab92f20005835dfa09c185299e15fa235a570cda8462ba36108c27181279e

    • SSDEEP

      768:IjgiGxy+iC146BDRK97J3+ZFWo2iU+DaLW:8My+hQYFWuaLW

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks