General

  • Target

    8c2c226f58e88601b34d59c8ebd4c987_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240811-13qqvavfpe

  • MD5

    8c2c226f58e88601b34d59c8ebd4c987

  • SHA1

    69db26ce456559c565103fb362b72bec4409934a

  • SHA256

    28d2b0173a0b9a8ccc73c0f40ae4be37fd8272432818cc6820462cdff038d584

  • SHA512

    f1686c0caa042ef5c9ac0b685b5037ea1368c29bbfacd6135eda5c02a3ef7c989919ec538c92e12fee0a8ddc1f082ed314267d4ca642bc767787bb57a3e9c32d

  • SSDEEP

    24576:1qyk+aDRGujRURnI9krKmsXKSzEnMG9iN8MQCUT9Kkn7/jLztCS6FExvZK8fRcbU:1qyk+aDRiEmsQnMG0N8MZs3nvQFExBiA

Malware Config

Targets

    • Target

      8c2c226f58e88601b34d59c8ebd4c987_JaffaCakes118

    • Size

      1.4MB

    • MD5

      8c2c226f58e88601b34d59c8ebd4c987

    • SHA1

      69db26ce456559c565103fb362b72bec4409934a

    • SHA256

      28d2b0173a0b9a8ccc73c0f40ae4be37fd8272432818cc6820462cdff038d584

    • SHA512

      f1686c0caa042ef5c9ac0b685b5037ea1368c29bbfacd6135eda5c02a3ef7c989919ec538c92e12fee0a8ddc1f082ed314267d4ca642bc767787bb57a3e9c32d

    • SSDEEP

      24576:1qyk+aDRGujRURnI9krKmsXKSzEnMG9iN8MQCUT9Kkn7/jLztCS6FExvZK8fRcbU:1qyk+aDRiEmsQnMG0N8MZs3nvQFExBiA

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/calc.exe

    • Size

      1.3MB

    • MD5

      97e47588a35219417f64ee2184e99118

    • SHA1

      37d77f2594d3a5e81f4aebe0efdc24506b17f542

    • SHA256

      fd20d30fb61ae75dfb715837d811250b2dcce0fc40b2bd3af6533dac50860513

    • SHA512

      39c550d772940d06be3dfdd27ae051a895a2e9887a837131b21ac9470f5e9fb929e8c29d4338cdd8b5406c42973d84546312ac3767c28006a1b77192937bfa1a

    • SSDEEP

      24576:3k+aDRGujRURnI9krKmsXKSzEnMG9iN8MQCUT9Kkn7/jLztCS6FExvZK8fRcbKJK:3k+aDRiEmsQnMG0N8MZs3nvQFExBibiK

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
