General

  • Target

    71b1f0eeb64b621ce42b9114245b6568_JaffaCakes118

  • Size

    77KB

  • Sample

    240725-3g5nzssaqq

  • MD5

    71b1f0eeb64b621ce42b9114245b6568

  • SHA1

    1bff4cf0ad6b16eb3a8470b5e42efc6475ee6cbf

  • SHA256

    0a87fa34fb2315d82731b1ee00e0f2a550b913ee199e8facb29a6120511a628f

  • SHA512

    6d1eeaacc64aa26519d6301be85a39bc0a37f6ab0f083aafa53513e95d3b725bd3658e2e8e8c6b5b98ec0905d1ef610714b34e530f81bfe27f901c2ebc79c677

  • SSDEEP

    1536:h4Cj21eXzXRRLefTjRDfZZTZG8RJPKyaoSoSNdZIpJ0u/Q4/0a:hK1ezItDvdjPKyajokuXdMa

Malware Config

Targets

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks