General

  • Target

    70335fb53e80e83c3b7f5b44bfe24317_JaffaCakes118

  • Size

    25KB

  • Sample

    240725-s3t49s1eqh

  • MD5

    70335fb53e80e83c3b7f5b44bfe24317

  • SHA1

    e4fd7004adc5aad086cfab63a4f48bb872e9ddc7

  • SHA256

    70c9034ec16f62ec08bd83b200b270f06d08a00d6b10f0a6d8c46a916dd321df

  • SHA512

    34f4ef1806bfe234052f5023026be0e0c58092937a226bad74a47718bfea43d4847a96066ce2369345bbc304cdf8fcf0ffbe3bcef6bdc0d3a58cb7faf71de40c

  • SSDEEP

    384:Cw4BYKPrslTRfoYYBitTFUeHB36i0fDglfoD9nf:MqKPrEAditGeHB36i0fcloJf

Targets

    • Target

      70335fb53e80e83c3b7f5b44bfe24317_JaffaCakes118

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
