General

  • Target

    2c32f844e0cd375070e06bb9e0e215da_JaffaCakes118

  • Size

    16KB

  • Sample

    240708-nsx1ysxbnp

  • MD5

    2c32f844e0cd375070e06bb9e0e215da

  • SHA1

    20e1f35297d62e3cdc6ebbf8788649eed1854655

  • SHA256

    93278a2db71873c7503dd0986c31c4b41d7ff649ef8cd07986278595e5e65933

  • SHA512

    1265345ca01a7cdb5ae2de6ee3589feebf22967af0e25281a10222f8429fa507f667e5d4998d6173201c90bbf72713af673becb712b6f405c90f961954416a17

  • SSDEEP

    192:f83msQ4B1Z8F274/JQtCBdH0dHRdHwdHPH1SdHK18G+j5P:f+mcB1Z8jxQtCBqrmuw+B

Score
8/10

Targets

    • Target

      2c32f844e0cd375070e06bb9e0e215da_JaffaCakes118

    • Adds policy Run key to start application

    • Event Triggered Execution: Image File Execution Options Injection

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application
