General
-
Target
93cfe07e931ee1d98a02fa3b5dad8357_JaffaCakes118
-
Size
96KB
-
Sample
240813-tns44atckg
-
MD5
93cfe07e931ee1d98a02fa3b5dad8357
-
SHA1
99d2af310ddb62d0475dc72a0b1bc570486fd7b8
-
SHA256
4c5ec84d04309e8c7257bb94e146c9f2944957969ed45e4e44306e7737b7ffba
-
SHA512
41e5531d90b8be418f65f38cac9604fa5d9a2db873efb59947598c1c2e3c2b977a4fbac3691f8fdb1a1e2f680088f2834270e286f7bb86a924831c7065b8f90c
-
SSDEEP
1536:JjQBHtf6cO/hFkGulSc16l6u+NMMl/KlYv1Tq5ThFkNIjni:4uhilu8CFFkCni
Static task
static1
Behavioral task
behavioral1
Sample
93cfe07e931ee1d98a02fa3b5dad8357_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
93cfe07e931ee1d98a02fa3b5dad8357_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
93cfe07e931ee1d98a02fa3b5dad8357_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)