General

  • Target

    2fdaab626cc7bc573abb8b110818a16b_JaffaCakes118

  • Size

    124KB

  • Sample

    240709-lml1dszdja

  • MD5

    2fdaab626cc7bc573abb8b110818a16b

  • SHA1

    24eb2363163747bc003dd79489ed57507efee216

  • SHA256

    c9774645baeb52dc8f3486715fa744b4f57c8704e0d969bd60c6779fba06bde3

  • SHA512

    a3892a0ad57eca508037be61d26de7611d968075ed4308839ee460e0d7e38a3b41b63fc9b07387e594ce0971be61e0d79764458cf8e607bfb8026a90325207db

  • SSDEEP

    3072:NNV2/KcHRoeRssqvuYKmdk/sQBHgIKH/ufXT:Nm/g4ssq2A8BHgFHm7

Targets

    • Target

      2fdaab626cc7bc573abb8b110818a16b_JaffaCakes118

    • Modifies Windows Firewall

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
