General

  • Target

    707892e01ab7c607921d0814ead6d09d_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240725-vkz9nssgpm

  • MD5

    707892e01ab7c607921d0814ead6d09d

  • SHA1

    6c7a8c0f6b51f72a3c42853a7a03eff0468dd20f

  • SHA256

    5f63649a2be2ede8d11a5307c1f9dfe2e231103a7fc69f148b53cecce3c3c013

  • SHA512

    c1a692859a2746ce554c10edd949e933c66099ae9d776174a1a88ce497434a6b4583ba5d447a22a2cf592015fac82a9a14871e03ca45e86c557890ff35c3e6f9

  • SSDEEP

    24576:3uha/eZJ8NI80erQZb+md4wmieZJ8NI8NeZJ8NI8r:Yl80erQZbd2f8a8r

Malware Config

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds an image name to Explorer's DisallowRun policy list, so the shell refuses to launch that program (security tools are the usual targets).

    • Event Triggered Execution: Image File Execution Options Injection

      Sets a Debugger value under an Image File Execution Options subkey, so launching the named program runs the attacker's binary instead (ATT&CK T1546.012).

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      The executable is packed with UPX or a modified build of the open-source UPX packer; static strings and imports are not meaningful until it is unpacked.

    • Indicator Removal: File Deletion

      Deletes files left behind by its own activity to hinder forensic review (ATT&CK T1070.004).

    • Network Share Discovery

      Attempts to enumerate network shares reachable from the host (ATT&CK T1135), typically as a prelude to spreading.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
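
The following host-side check is an editorial example added here; it is not part of the Triage report and not the sample's own code. It verifies on a Windows machine the artifacts the signatures above name (IFEO Debugger values, the DisallowRun list, HideFileExt, autorun.inf on mounted volumes, disabled services, fresh files in System32). It assumes an elevated PowerShell session on the detonation VM; the one-hour window for new System32 files is an arbitrary choice, and the disabled-service list only means something when diffed against a clean snapshot of the same image.

```powershell
# Added example (editorial; not part of the Triage report and not the sample's
# own code). Verifies on a Windows host the artifacts the signatures above name.
# Assumptions: elevated PowerShell on the detonation VM; the one-hour window for
# new System32 files is arbitrary; "Disabled" services need a clean baseline.

$findings = New-Object System.Collections.Generic.List[object]
function Add-Finding($check, $key, $value) {
    $findings.Add([pscustomobject]@{ Check = $check; Key = $key; Value = $value })
}

# 1. Image File Execution Options "Debugger" values (T1546.012): launching the
#    named image runs the Debugger path instead. Review every hit; gflags.exe
#    and vsjitdebugger.exe are the usual benign ones.
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
foreach ($sub in Get-ChildItem -Path $ifeo -ErrorAction SilentlyContinue) {
    $dbg = $sub.GetValue('Debugger')
    if ($dbg) { Add-Finding 'IFEO Debugger' $sub.PSChildName $dbg }
}

# 2. Explorer DisallowRun policy: image names listed here are refused by the
#    shell, so report both the on/off flag and the list itself.
foreach ($hive in 'HKLM', 'HKCU') {
    $pol  = "${hive}:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
    $flag = (Get-ItemProperty -Path $pol -Name DisallowRun -ErrorAction SilentlyContinue).DisallowRun
    $list = Get-Item -Path "$pol\DisallowRun" -ErrorAction SilentlyContinue
    if ($list) {
        foreach ($n in $list.GetValueNames()) {
            Add-Finding "DisallowRun (enabled=$($flag -eq 1))" "$hive\$n" $list.GetValue($n)
        }
    }
}

# 3. HideFileExt=1 hides known extensions, so "invoice.pdf.exe" is shown as "invoice.pdf".
$adv = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -ErrorAction SilentlyContinue
if ($adv -and $adv.HideFileExt -eq 1) { Add-Finding 'HideFileExt' 'HKCU' $adv.HideFileExt }

# 4. autorun.inf at the root of every mounted file-system drive; report the
#    open=/shellexecute= line that names the payload.
foreach ($drive in Get-PSDrive -PSProvider FileSystem) {
    $inf = Join-Path -Path $drive.Root -ChildPath 'autorun.inf'
    if (Test-Path -LiteralPath $inf) {
        $m = Select-String -LiteralPath $inf -Pattern '^\s*(open|shellexecute)\s*=' | Select-Object -First 1
        Add-Finding 'autorun.inf' $drive.Root $(if ($m) { $m.Line.Trim() } else { '(no open= line)' })
    }
}

# 5. Services with StartMode Disabled. Diff this list against a clean snapshot
#    of the same image; AV, Defender and update services are the usual targets.
foreach ($svc in Get-CimInstance -ClassName Win32_Service | Where-Object StartMode -eq 'Disabled') {
    Add-Finding 'Disabled service' $svc.Name $svc.PathName
}

# 6. Files written to System32 in the last hour (the report's drop location).
$recent = Get-ChildItem -Path "$env:SystemRoot\System32" -File -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -gt (Get-Date).AddHours(-1) }
foreach ($f in $recent) { Add-Finding 'New in System32' $f.Name $f.LastWriteTime }

$findings | Sort-Object Check | Format-Table -AutoSize
```

Run it once on a clean snapshot of the VM and once after detonation, and diff the two tables; the IFEO, DisallowRun and autorun.inf rows are the ones that should be empty on a clean image, while the disabled-service and System32 rows need the baseline to be meaningful.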

MITRE ATT&CK Enterprise v15

Tasks