General

  • Target: 763ef81345f2e3046e07ce3c9fc772b6_JaffaCakes118
  • Size: 608KB
  • Sample: 240726-3sjwnawbjh
  • MD5: 763ef81345f2e3046e07ce3c9fc772b6
  • SHA1: e7b4ee03f99b23be9d19bcdbc13a3ea8e3b7a852
  • SHA256: f200b09ded14613804a32d367733c8e38e7c6d207a62e1c911b5ddf1e5a68545
  • SHA512: 2d068e5a57d4aa232b81116c00b7e9ed33e2c6cfe8b9e37bb88666b372471dc5232cbba4bb6fee383aabdc0a05c2c5bf174ccb2875653484f886f158ede9347e
  • SSDEEP: 12288:zjgVEGHSRgah8p5gkd7mNvZn479Q5bQjNDhlWM:zimRg/mv2q5bm3P

Targets

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • UAC bypass

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Sets file to hidden

      Modifies file attributes to hide the file from Explorer and similar tools.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Network Share Discovery

      Attempts to gather information on the host network.

MITRE ATT&CK Enterprise v15