General
Target: 78521eb256a2f89d5e4affb11f5aa53d_JaffaCakes118
Size: 320KB
Sample: 240727-qpt61a1epq
MD5: 78521eb256a2f89d5e4affb11f5aa53d
SHA1: 0a47a94ca1d8f3daff8ea27904144d7b360a18a2
SHA256: dea7f5828ceb9d5eec4dd8b27f5798e129312eb2442f944a7331f6a591445a05
SHA512: e018833d58fe8b5a834a6c7bd66c3d20522ffd18d38dd61bc620941f0c8c85a9040d1307946e7ea5cd162c0a94eef584fee2ec89536aa1abaff0b26cdd771ca2
SSDEEP: 6144:Hy/03/pn/NbYl/a+fCf8SLJOIrhTyMMGRVq:S/0xn/NH+qL8nMMsV
Static task: static1
Behavioral task: behavioral1
Sample: 78521eb256a2f89d5e4affb11f5aa53d_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 78521eb256a2f89d5e4affb11f5aa53d_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)