General

  • Target: 3b51fab717e281580abca9c62aaa9685_JaffaCakes118

  • Size: 158KB

  • Sample: 240712-ast3ea1dmp

  • MD5: 3b51fab717e281580abca9c62aaa9685

  • SHA1: 74cd77630ace2fa629405f0665f34f1bb86419c1

  • SHA256: 3a309f51d3e4be8f3581b3e83534e19bfbdb1c002f57356ff84fbe4779a3504e

  • SHA512: 41502d14ccb5c65aa72aaea0f91b4f7defe4f1293fed54d1ce9193d77884cb068943560c07f0118fbe0b92de09fab6cf0b2d1e7059ddf2ad9349d41dcee33d3f

  • SSDEEP: 3072:/23lko29IApHuGPdsNjMb5LjZpTSNLjXTp2zEVZNNSdAXb:/do+FuGPds1cLjLSBjDpUEzNNS+L

Targets

    • Target: 3b51fab717e281580abca9c62aaa9685_JaffaCakes118

    • Disables service(s)

    • Adds policy Run key to start application

    • Drops file in Drivers directory

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory
