General

  • Target

    6ff25c4c12b84f2cb1b26fe8059a5bf4_JaffaCakes118

  • Size

    672KB

  • Sample

    240725-rp6qgawend

  • MD5

    6ff25c4c12b84f2cb1b26fe8059a5bf4

  • SHA1

    9f8dfbff57c2a2f6247946635899446e5d2fce90

  • SHA256

    e4d6f6a064b6342dfd55a90f25bc27056bbcd64efeadd28fd2b9aae4e8c135a2

  • SHA512

    99748b83cdb4cf0b421d31214a18a5fdf63ede9bd8a18b886b80b887396046e87ceb227995eb8871d396d19940156474df8f32af0bdeb45b9da401964ed6bf26

  • SSDEEP

    12288:SeuOpm1o+LcHAjbFgx52l4WjNT2BObzG7Cwk5+tWe7e7ZgahFRBE3Rad3m:J1jIXfj9zG7qoyZtruMFm

Targets

    • Target

      6ff25c4c12b84f2cb1b26fe8059a5bf4_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
