General

  • Target

    8eb923fd39b3ac7639621e685d0a613c_JaffaCakes118

  • Size

    41KB

  • Sample

    240812-phz81a1bml

  • MD5

    8eb923fd39b3ac7639621e685d0a613c

  • SHA1

    a37cf86d018e2966d9dbcb868e44e7a7b70999a3

  • SHA256

    bb6121d045af0981d46e750ecb9a0dbd9e0e606979fbc6f2ecdbb7a2ccbb3712

  • SHA512

    5fe5544258245194ec0201d80049017f2485bbe1033012954f0196d5439807e3fae812339d9261e551338ea355aebc66cb7370a5d4442a8d637ba679c84240fc

  • SSDEEP

    768:QIBar1ZIZYnfI9opm6AIHIjaI7g9mVmUnQoNE/W5dRV8:pW1ZIZqI9opm6AIHIjzmUpNzd

Malware Config

Targets

    • Target

      8eb923fd39b3ac7639621e685d0a613c_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks