General

  • Target

    5def5470442105538cfd1da19d27888b_JaffaCakes118

  • Size

    91KB

  • Sample

    240719-2df1satbln

  • MD5

    5def5470442105538cfd1da19d27888b

  • SHA1

    37bf6e70ca682f3e3d564bcf87c5a9cb348f1c61

  • SHA256

    51a76604b7a46c7a548a4b4ba9eb17699afcddd8a14865911fe31950e145e2c6

  • SHA512

    ef4d9a0a8e08ad17010236bc92f63fffefcc18634f767f0ab0b3ecca726d62d12e126c355047ae8c5a4d8cb411a77bef88ee20c5864f485650998ec625d645cf

  • SSDEEP

    1536:oqF54cS86+sJymu1/I5mxG03oGRhxjlNGMLxZewlnWqyN7dq32eSUNnjeHsLkdJR:QrZcmu1/I5mxG03oGRhxjlNGMLxZewlz

Targets

    • Target

      5def5470442105538cfd1da19d27888b_JaffaCakes118

    • Modifies firewall policy service

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
