General

  • Target

    2b7083e65c670f754f718600eb292cfb_JaffaCakes118

  • Size

    157KB

  • Sample

    240708-h5gxlszhka

  • MD5

    2b7083e65c670f754f718600eb292cfb

  • SHA1

    2c958a67f029d6dc730ad0e94290a5a635225300

  • SHA256

    75f0f21737fed722cba5c80dacdb50614a3e5240efae04108af4e9cc7ae0c707

  • SHA512

    f7ab0e909e7763d65d71153e289a2fd52a5b708f6756423bb9f74069d7f99841d99f98553fe3e4f327f5590d7c1a6c26815fb068b4e02857b110b4d5b815b250

  • SSDEEP

    3072:Vp9pZqP95Oh1DDyjRvxwKU9LfnnOgW4jKIWO977dW18DjVjR:DZE5+13ylv+nDn8O9HdqqJj

Targets

    • Target

      2b7083e65c670f754f718600eb292cfb_JaffaCakes118

    • Deletes itself

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Suspicious use of SetThreadContext
