General

  • Target

    5c9e80f700149dc90e32d5fe0a99344a_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240719-tc2bbsscqh

  • MD5

    5c9e80f700149dc90e32d5fe0a99344a

  • SHA1

    ad02b83ad81de9cc40519a63b9301df79166ecc4

  • SHA256

    5376988888b8910a07fcbf46369e88e20ebf07aa0448fc3e0bbc5724f33490d6

  • SHA512

    f0c5b2ad05bc46f873893a2532a631be819dc5441699dec16e62f512f2a693b42d2752b743869f266821c014a9c10fad7fb6bd463816d4a9b089f99478867e85

  • SSDEEP

    3072:ThzV9Rd1gWIoKMHOlQtjZtIax1I5NJK5cBnyypQ1x2Cmswz:dRbOCtjvQJFfKxms

Targets

    • Target

      5c9e80f700149dc90e32d5fe0a99344a_JaffaCakes118

    • Modifies visibility of file extensions in Explorer

    • Disables RegEdit via registry modification

    • Drops file in Drivers directory

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
