General

  • Target

    2ae608629f862ea76773f3dc2ad90721_JaffaCakes118

  • Size

    151KB

  • Sample

    240708-ejc5ratcpb

  • MD5

    2ae608629f862ea76773f3dc2ad90721

  • SHA1

    c9d57adeca4e325373d6e684f686b46350ce2c55

  • SHA256

    7bc4a0f1e57be920e2dec8d3297e481ded4455ce2a2ee511b646f7dc250a46cf

  • SHA512

    a470df36ae484ce9024784dcfe82da0648badd853fc31507d4862c0d043494dfedcf87bd0faefae9d604e0c48ba151e74030c91f10355f1cc914fd3178e4ad42

  • SSDEEP

    3072:fnBoB8+uWRGyVvDSnFw/LIxt0cBGHjRAVCXOqfjiNSzgiN+LfOla7NAOtLez:pFLWnV2wTaYjRG7i4f+a7p8

Score
8/10

Malware Config

Targets

    • Target

      2ae608629f862ea76773f3dc2ad90721_JaffaCakes118

    • Adds policy Run key to start application

      Writes an autostart value under the Policies\Explorer\Run key (HKLM or HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run), a persistence location that is checked less often than the ordinary Run key.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build (section names and the UPX marker may have been altered, so the packed sections may not be labelled UPX0/UPX1).

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

      Commonly seen in process hollowing and similar injection techniques, where the context of a suspended thread is rewritten to point execution at injected code; consistent with the dropped EXE being executed.
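
The "UPX packed file" signature above covers both stock and modified UPX. The following is an added example, not code from tria.ge or from the report, of the static check an analyst would run locally to confirm the packing verdict before unpacking: it parses the PE section table, looks for the UPX0/UPX1 section names and the "UPX!" marker, and falls back to per-section Shannon entropy for a modified build that has renamed its sections. The PE blobs it runs on are constructed inline as test data (they are not the sample with the hashes listed above, which is not reproduced here), and the 7.0-bit entropy threshold is an assumed rule of thumb, not a value from the page.

```python
"""Static UPX indicators for a PE file (added example; constructed test data)."""
import math
import random
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MARKER = b"UPX!"
HIGH_ENTROPY_BITS = 7.0  # assumed rule of thumb for compressed/encrypted data


def parse_sections(data: bytes):
    """Return [(name, raw_offset, raw_size)] from the PE section table.

    Only the fields needed here are read; anything not minimally PE-shaped
    raises ValueError rather than being guessed at.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                   # COFF file header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_opt                       # first section header
    sections = []
    for i in range(num_sections):
        off = table + i * 40                              # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        name = data[off:off + 8].rstrip(b"\0")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        sections.append((name, raw_ptr, raw_size))
    return sections


def shannon_entropy(buf: bytes) -> float:
    """Bits of entropy per byte (0.0 for empty input, at most 8.0)."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data: bytes) -> dict:
    sections = parse_sections(data)
    max_entropy = max(
        (shannon_entropy(data[p:p + sz]) for _, p, sz in sections if sz), default=0.0
    )
    return {
        "upx_section_names": any(n in UPX_SECTION_NAMES for n, _, _ in sections),
        "upx_marker": UPX_MARKER in data,
        "max_section_entropy": round(max_entropy, 2),
        "high_entropy": max_entropy > HIGH_ENTROPY_BITS,
    }


def classify(data: bytes) -> str:
    """'upx' on a UPX name or marker, 'packed-unknown' on entropy alone, else 'unpacked'."""
    ind = upx_indicators(data)
    if ind["upx_section_names"] or ind["upx_marker"]:
        return "upx"
    if ind["high_entropy"]:
        return "packed-unknown"
    return "unpacked"


def build_sample_pe(sections) -> bytes:
    """Construct a minimal PE-shaped blob from [(name, raw_bytes)] pairs.

    Test data only: the optional header is omitted, so the loader would
    reject it, but the section table is laid out exactly as parse_sections
    expects.
    """
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)               # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x0102)
    offset = 0x40 + 4 + 20 + 40 * len(sections)           # raw data follows the headers
    table, body = b"", b""
    for name, raw in sections:
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", len(raw), 0x1000, len(raw), offset, 0, 0, 0, 0, 0xE0000020
        )
        offset += len(raw)
        body += raw
    return bytes(dos) + b"PE\0\0" + coff + table + body


# Constructed inputs: deterministic pseudo-random bytes stand in for compressed data.
_rng = random.Random(0xC0FFEE)
RANDOM_PAYLOAD = bytes(_rng.getrandbits(8) for _ in range(4096))
PLAIN_PAYLOAD = b"mov eax, 1 ; placeholder code bytes\n" * 100

SAMPLE_PACKED = build_sample_pe([(b"UPX0", b""), (b"UPX1", UPX_MARKER + RANDOM_PAYLOAD)])
SAMPLE_MODIFIED = build_sample_pe([(b".text", b""), (b".rsrc", RANDOM_PAYLOAD)])  # renamed, no marker
SAMPLE_PLAIN = build_sample_pe([(b".text", PLAIN_PAYLOAD), (b".data", b"\0" * 512)])

if __name__ == "__main__":
    for label, blob in (("packed", SAMPLE_PACKED), ("modified", SAMPLE_MODIFIED), ("plain", SAMPLE_PLAIN)):
        print(label, classify(blob), upx_indicators(blob))
```

Running the module prints one line per constructed sample: the stock-UPX layout is reported as "upx", the renamed-section variant as "packed-unknown" (the entropy fallback fires but nothing ties it to UPX specifically, which is the caveat behind the "modified UPX" wording of the signature), and the plain layout as "unpacked". On a real file, read it with `open(path, "rb").read()` and pass the bytes to `classify`.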

MITRE ATT&CK Enterprise v15

Tasks