General

  • Target

    45e52aeb38c2b1f1fea98312270213e3_JaffaCakes118

  • Size

    944KB

  • Sample

    240714-p4pz6atcpb

  • MD5

    45e52aeb38c2b1f1fea98312270213e3

  • SHA1

    50abf4027c97ac75167e3d1116ca2570a6b8a0ed

  • SHA256

    0c79795c22c7fce547679d0206b5aa8e50e51ab9bff60446da9541809debc15d

  • SHA512

    5c87ffe5e998e6a9e54011a9cb95c8f6e8914f17cec597e160abcc21045461715f404f881bf0ad26c40cfdf1ec259b72050f68c5a09555bd52d6d50ff0106485

  • SSDEEP

    12288:3ZWtI6RkQLunu0Ku9O1Lunu0KuDBZJqQZy5SfOROv:3uhaQhABZJqsaS2ROv

Targets

    • Target

      45e52aeb38c2b1f1fea98312270213e3_JaffaCakes118

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
