General
-
Target
872c7ab24152ef4163141ed7ca271ebc_JaffaCakes118
-
Size
232KB
-
Sample
240810-w4vzqs1hpj
-
MD5
872c7ab24152ef4163141ed7ca271ebc
-
SHA1
d9d97ff5fcee621afcc21a5c69c9b1e24e27fdef
-
SHA256
1c2482fa25f418b7d1c0efed21f0239e75ff6ccf78aa00847355c5a9f3acca1a
-
SHA512
5409ff488d22ab5866ec972510f2e23c691507ae61d548eb5e999152dab83255812f9ed6ea4cd6ef5cbbf57af3ffd40a8298febabc934d595475563089e77db3
-
SSDEEP
6144:CyF3PFKs78vpRTlEqxF6snji81RUinKbL1:3Php
Static task
static1
Behavioral task
behavioral1
Sample
872c7ab24152ef4163141ed7ca271ebc_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
872c7ab24152ef4163141ed7ca271ebc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
872c7ab24152ef4163141ed7ca271ebc_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)