General
-
Target
8a1d5f4487da1c6e259549f1632571b7_JaffaCakes118
-
Size
156KB
-
Sample
240811-m5mv3s1clg
-
MD5
8a1d5f4487da1c6e259549f1632571b7
-
SHA1
491b6e6ddf6ede20401450ae8bc0ce71f0b1f050
-
SHA256
9a24eba16dcde9ffa07f8cf42baecd76bd33f83f035855fa8d59e162bda88aeb
-
SHA512
8864b5f4241e73d53a72c8e057d4db68f1c6dd2a8ee9acf62ea6d0d48c9037c396ea28289071a1ed4f055712cf494c23d91f5345f9243d86871d61025ae4f848
-
SSDEEP
3072:bA+cTATe0pBI1xkaGU0vBpT8k/QvbawuxtUYqBd5hAmamQAMHfhRvuWxx004oQZc:bZc4e0pBI1xkaH0vBpT8kltDr8L5DMHX
Static task
static1
Behavioral task
behavioral1
Sample
8a1d5f4487da1c6e259549f1632571b7_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8a1d5f4487da1c6e259549f1632571b7_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
8a1d5f4487da1c6e259549f1632571b7_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2