Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    65f38f664729295fae5118ccc6eb9042_JaffaCakes118

  • Size

    203KB

  • Sample

    240723-dzqv4svend

  • MD5

    65f38f664729295fae5118ccc6eb9042

  • SHA1

    710d3b8b1ff32330c1c1f8aaba337c026a9383aa

  • SHA256

    c80e4e9c820990ea35402656db2d7dd5203ed6c3955ae1ad60601f5858a37f7e

  • SHA512

    15cdff36ba8867437ec7fc2cbc770d399aa32d81483248657cd3f44353ae91d265905b21e9d7f5a54651934ed2f9d182a95bf2baf90d66c85c789caa1bf5df53

  • SSDEEP

    6144:JPf5WUBlTpkaLKsYLyut+lJik2vs3/H6h:JPHBJXYVElJiK/ah

Malware Config

Targets

    • Target

      65f38f664729295fae5118ccc6eb9042_JaffaCakes118

    • Size

      203KB

    • MD5

      65f38f664729295fae5118ccc6eb9042

    • SHA1

      710d3b8b1ff32330c1c1f8aaba337c026a9383aa

    • SHA256

      c80e4e9c820990ea35402656db2d7dd5203ed6c3955ae1ad60601f5858a37f7e

    • SHA512

      15cdff36ba8867437ec7fc2cbc770d399aa32d81483248657cd3f44353ae91d265905b21e9d7f5a54651934ed2f9d182a95bf2baf90d66c85c789caa1bf5df53

    • SSDEEP

      6144:JPf5WUBlTpkaLKsYLyut+lJik2vs3/H6h:JPHBJXYVElJiK/ah

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks