General

  • Target

    3e1798ea5420466c1667188e41e171cb_JaffaCakes118

  • Size

    836KB

  • Sample

    240712-t5ps1a1frq

  • MD5

    3e1798ea5420466c1667188e41e171cb

  • SHA1

    8f2003047624655cc5658c9019226c04e7cf7b24

  • SHA256

    2cfd2f69f21e92ff67d83babb0c5735bf99cc62961ddfa193f7385467c31c135

  • SHA512

    94b8da7be35354e05781cabba1f6503237bf7724a031746f1f15f6d7329e139c1037231f45516f58e784e51a8c50f632b0bf16e9254a0bafbba88d0786bdf468

  • SSDEEP

    12288:9ohV56tb4hr+fbtM0E92BD6KqnU7UIXTgdBzAXxto/lJ/zD:9ohV56d41p6BD1qnUQito/D

Score
10/10

Malware Config

Targets

    • Target

      3e1798ea5420466c1667188e41e171cb_JaffaCakes118 (836KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General; score 10/10)

    • UAC bypass

    • Windows security bypass

    • Disables Task Manager via registry modification (sets DisableTaskMgr under HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System)

    • Checks computer location settings

      Reads the country code configured in the registry, most likely a geofence check (the sample decides whether to run based on the victim's configured region).

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Checks whether UAC is enabled (reads EnableLUA under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System)

    • Suspicious use of SetThreadContext (rewriting a suspended thread's context is the usual final step of process hollowing or remote thread injection)
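A detection sketch for the registry-based signatures in the list above, added here as an example; it is not tria.ge's code and not taken from the report. It replays a constructed trace of registry events in an assumed record shape (operation, key path, value name, data) and returns which of the signatures would fire. The key and value names are the real Windows locations (DisableTaskMgr and EnableLUA under Policies\System, Nation under Control Panel\International\Geo); the Defender policy switches used for "Windows security modification" are an assumption of this example, not the sandbox's actual rule.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Constructed event shape: this is NOT tria.ge's report schema, just an assumed
# (hypothetical) minimal record of one registry operation observed at runtime.
@dataclass(frozen=True)
class RegEvent:
    op: str                     # "set" (write) or "query" (read)
    path: str                   # full key path, e.g. HKCU\...\Policies\System
    name: str                   # value name
    data: Optional[int] = None  # numeric data for "set", None for "query"

# Real Windows registry locations behind the signatures above. Paths are
# matched case-insensitively on their suffix so HKCU, HKLM and the kernel-style
# \REGISTRY\USER\S-1-5-... spellings all match.
POLICIES_SYSTEM = r"\software\microsoft\windows\currentversion\policies\system"
GEO_KEY = r"\control panel\international\geo"
# Assumed mapping for "Windows security modification": a write to one of the
# Defender policy switches. The key/value names are real; that the sandbox's
# signature keys on exactly these is an assumption of this example.
DEFENDER_POLICY = r"\software\policies\microsoft\windows defender"
DEFENDER_SWITCHES = {"disableantispyware", "disablerealtimemonitoring"}


def _norm(path: str) -> str:
    # Lower-case, unify separators and strip a \REGISTRY\MACHINE or
    # \REGISTRY\USER\<SID> prefix so suffix matching works for every spelling.
    p = path.replace("/", "\\").lower()
    return re.sub(r"^\\?registry\\(machine|user\\[^\\]+)", "", p)


def classify(events: Iterable[RegEvent]) -> List[str]:
    """Return the sorted set of signature names triggered by the events."""
    hits = set()
    for ev in events:
        p, n = _norm(ev.path), ev.name.lower()
        if p.endswith(POLICIES_SYSTEM) and n == "disabletaskmgr" and ev.op == "set" and ev.data == 1:
            hits.add("Disables Task Manager via registry modification")
        if p.endswith(POLICIES_SYSTEM) and n == "enablelua" and ev.op == "query":
            hits.add("Checks whether UAC is enabled")
        if p.endswith(GEO_KEY) and n == "nation" and ev.op == "query":
            hits.add("Checks computer location settings")
        if p.endswith(DEFENDER_POLICY) and n in DEFENDER_SWITCHES and ev.op == "set" and ev.data == 1:
            hits.add("Windows security modification")
    return sorted(hits)


# Constructed sample trace (not from the report; an illustration only).
SAMPLE_EVENTS = [
    RegEvent("query", r"HKCU\Control Panel\International\Geo", "Nation"),
    RegEvent("query", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System", "EnableLUA"),
    RegEvent("set",   r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System", "DisableTaskMgr", 1),
    RegEvent("set",   r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender", "DisableAntiSpyware", 1),
    RegEvent("set",   r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System", "DisableTaskMgr", 0),  # re-enabling: not a hit
    RegEvent("query", r"HKCU\Software\Example\Settings", "Theme"),  # benign noise
]

if __name__ == "__main__":
    for sig in classify(SAMPLE_EVENTS):
        print(sig)
```

The checks deliberately key on the operation and the written data, not just the key path: a read of DisableTaskMgr or a write of 0 is what a cleanup tool does, so only a write of 1 is scored, while EnableLUA and Nation are scored on reads because the behaviours above are checks, not modifications.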

MITRE ATT&CK Enterprise v15

Tasks