General

  • Target

    43191fb6de25b2cd314e8d4eca8caf25_JaffaCakes118

  • Size

    200KB

  • Sample

    240713-yh1dfavcpr

  • MD5

    43191fb6de25b2cd314e8d4eca8caf25

  • SHA1

    3baedca83821ba74ce77c5fbdc060e72007f1fea

  • SHA256

    e93a4aaa7da50b7993245ce657fa6df147ff2e81919aa691697f8c220d648b8b

  • SHA512

    672525ba4faf19eec8db6048832e0aa784cfeb7d2b6e07754514349a6b7a7cacaf0052a4ad5ac0c7625bba3b487058056d0adfb814bbbb81d358108604900e0b

  • SSDEEP

    3072:CCITo/0Yxw0tQ9nLHbB9WPliBs2HWWEakGJm9Kv:CCdG4QxL7B9WPli+yWWEazz

Score
10/10

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
