General

  • Target

    71a9edbe5c47cfc4bb59df22496d9607_JaffaCakes118

  • Size

    219KB

  • Sample

    240725-3bkrma1fqk

  • MD5

    71a9edbe5c47cfc4bb59df22496d9607

  • SHA1

    f842dcc17efea3b5a64afa5d1b25b1a56badec45

  • SHA256

    0a79711a3553c7c2d54c63071f665faeca77086aae4c742f6d2986a93a31abc5

  • SHA512

    1cffed000c75f78d2ddde2f7f1e7b6ebd9a78472dd39ac530dede36e2ac625c757eedfdb0c1cb57e6a1e466c43fa2618d60d18955838d052f1889ed42bcaeaa4

  • SSDEEP

    3072:KvcXLx5Bzqcyxx7/gipQ8Ga7ue2PWi8A4zSk:RxbK7/giyZaae2PtgSk

Targets

    • Target

      71a9edbe5c47cfc4bb59df22496d9607_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
