General
Target: 94befcc84d2ab2475be5fedc65078786_JaffaCakes118
Size: 100KB
Sample: 240813-zzvd7a1cjl
MD5: 94befcc84d2ab2475be5fedc65078786
SHA1: c0dec084037d11443f7306001eadb4b206665265
SHA256: 9973d3220bb0f6d97ea55c355d195019b5bcc237a5c0958d5d6d28ce298eb85f
SHA512: 787b50cbb6b98235f0509308bbd5e9ddf7a455fe2b10e23d07f89da30942949f3829ab568a4eeee020b786b9f3cc2c0f90bace72dd4b76e0f3589fc2765d6d52
SSDEEP: 1536:yXA8iAuismywsvLw0wF9MGM9K/oKtNgCMbA1bL3N+NM5UfaNIjnZdJ:nv/KLOM5pCn/J
Static task: static1
Behavioral task: behavioral1
  Sample: 94befcc84d2ab2475be5fedc65078786_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 94befcc84d2ab2475be5fedc65078786_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 94befcc84d2ab2475be5fedc65078786_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)