General

  • Target

    3d4d90672a3439a7130869841a30d3f1_JaffaCakes118

  • Size

    457KB

  • Sample

    240712-n7vt5sseqp

  • MD5

    3d4d90672a3439a7130869841a30d3f1

  • SHA1

    1237a90c9bd395370f5f2fd3385c9b4fb03cb4a5

  • SHA256

    16ac200407b4b2012c7e80ea57dfd15b254f7cfabf7499ee6405b215dfd780dc

  • SHA512

    b20cbbd845873cd307de70bba10dadf7ab24e8857d8c175280cb637ce72629c288a0cd6458697fae15c7f4e00425d147ad3533ceeae8171126ace2d1bfd0fed9

  • SSDEEP

    6144:t515R5b515R5b5R5b51515R5b515R5b51515R5b52:a

Score
8/10
upx

Targets

    • Target

      3d4d90672a3439a7130869841a30d3f1_JaffaCakes118

    Score
    8/10
    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
