General

  • Target

    69373e49bc2f9152251f8565537f9d2c_JaffaCakes118

  • Size

    403KB

  • Sample

    240723-2gexwssepk

  • MD5

    69373e49bc2f9152251f8565537f9d2c

  • SHA1

    a815fecdc520f79726f497d02f9f7f8c497fe4cb

  • SHA256

    088971c0e4e8794d4a71107dcf41b6d15f8f3d639bfc56e31f219e0e336e9845

  • SHA512

    374fd7ed20399b7eeccb8b691559dd4badf8a93dc99241f76cbf26dc3d3c6f664dad1dac132c022dbc7ddfbccafb9b843a27d598d215ab2aea0963abfe9cc047

  • SSDEEP

    12288:xVV9bIozGWoE2psDBt9fKst0SVVyIW+4IR:ntYPsn9fK8nyJ+X

Targets

    • Target

      69373e49bc2f9152251f8565537f9d2c_JaffaCakes118

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
