General

  • Target

    61755eceeaa85bc42a956ade9f3715da_JaffaCakes118

  • Size

    24KB

  • Sample

    240721-z94evavhjf

  • MD5

    61755eceeaa85bc42a956ade9f3715da

  • SHA1

    9628c12a11f81dd1bef286d28b98b11695ab5345

  • SHA256

    e84f7d78b32715d215fbda0f45e4fb083ff8fd8eb146f71d1220682a565e0770

  • SHA512

    af3fb5cbf0d7ff1120d3a5c1f8e9cb7eb3f3d6a649c4100a7fffb5d52b69ea432730b44bd2686f7ced1fba395df3d6397a2d811ec7ca4d238f029bd03c9baa47

  • SSDEEP

    384:DDiNxz0C0EKqd+1xYQ2898RSldkefbLp5roWOkK5NjqbKEMOD2gmXBaLbEGHoac0:3FC03qdSaQNWMlCe/PcYihKY8LDoc

Score
8/10

Malware Config

Targets

    • Target

      61755eceeaa85bc42a956ade9f3715da_JaffaCakes118

    Score
    8/10
    • Adds policy Run key to start application

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
