General

  • Target

    770f2bbd5d54adb6695331afb812075e_JaffaCakes118

  • Size

    253KB

  • Sample

    240727-e4519sxemq

  • MD5

    770f2bbd5d54adb6695331afb812075e

  • SHA1

    4a9e58bad767211b9caa447a5008bd99d188918e

  • SHA256

    d1a92c6a3bf089d454056331a75f906c156e8e001b3f16651382e0be68335c94

  • SHA512

    931e68c7600c77f17da060c1bbf8f472e169319d273e7b61c55335a331976b594ddc64c6404771e89ec8d9d20086febab753858977fc025a420e97fe4e0bf53c

  • SSDEEP

    6144:yAvzYqWwkIDQTFYtg1nfhzcTnVW5GJZ2tNYLj8Mfsygnx:yAAjIDEuWZQVzYKj86s1x

Targets

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext
