General

  • Target

    3de39d311293a9cdbef5e557b92ddf61_JaffaCakes118

  • Size

    387KB

  • Sample

    240712-sl2ssaygmp

  • MD5

    3de39d311293a9cdbef5e557b92ddf61

  • SHA1

    9bc9f526f22861325ef6aa558db2ef16ef6a9cbc

  • SHA256

    70b4f96142dff1ee461be631ac40e1ded2b425dd1223d2e1d7f89f6513ca7372

  • SHA512

    e5b79492f8dacc82acdfaeb753baefb8235ec9e067a080840f92abb874608ecc6421625768588b4cfbf997e9eefb0ee5f3a429da3db7c84ccf002ecb25da3227

  • SSDEEP

    6144:I9TMlSVMM9TOEvtruUnIKvS+eWjpMSRjiQgSsDlS+jlS:IhnHhBt6UnIceEs

Score
7/10

Targets

    • Target

      3de39d311293a9cdbef5e557b92ddf61_JaffaCakes118

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
