General

  • Target

    694f79ff19ff797846458adafaed4a05_JaffaCakes118

  • Size

    160KB

  • Sample

    240723-21rqssxbme

  • MD5

    694f79ff19ff797846458adafaed4a05

  • SHA1

    30ffdbef5a52da4f83f8f00e43a5a44b9aa4b633

  • SHA256

    4653926001769e6074c9288b50fa42b1c10423d224a462422023e780b35dfb1a

  • SHA512

    a067fca98dcde7445ac31172272fd1fda369d937f2455bf28a39375aa2d40498bad6503afe462e0f0cd9057447ea09694b6f049ab84c0b1b6a44378295c7ce7b

  • SSDEEP

    3072:i2ePa6GnZQ7NEEhIjIfUyT5GFySsckDBA3SMrLi+RdGsxtqt:Ey6Gnq5Qjg5msbcSK2oEy

Targets

    • Target

      694f79ff19ff797846458adafaed4a05_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
