General

  • Target

    282e23f486723503ffeab416cb799166_JaffaCakes118

  • Size

    562KB

  • Sample

    240706-l9dyasyapc

  • MD5

    282e23f486723503ffeab416cb799166

  • SHA1

    4463fb14356706e2123851326e7489fc81c574bc

  • SHA256

    8e747fb2b7d505cba81f96b4b1666ddc0553745fe916750a79744d0698c6db7b

  • SHA512

    4d9282057e02e9045bbd3bf2cf458f4a9046a3d8394216afea8d66386ae7083365d4a67bef79c03545c9e4ad13970c0b065262183da4e28ecca49b1666471fae

  • SSDEEP

    12288:RJVjlDXEddgye5izmXrHjcdLPOMxl7mUqS3KPcdW5pd:RXe/O5TXncdLLxl7L0N

Targets

    • Target

      282e23f486723503ffeab416cb799166_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Adds Run key to start application

    • Drops file in System32 directory
