General

  • Target

    9733a369b064d61ccbe064b0c0b3e454_JaffaCakes118

  • Size

    241KB

  • Sample

    240814-w7mgrsxclc

  • MD5

    9733a369b064d61ccbe064b0c0b3e454

  • SHA1

    ab758a1fce360bbfb0a99522d3ec44dda43c9836

  • SHA256

    ac0844fc71ca9c290801a8cc1457e512184d34ededfddecad6cd14c7a2665872

  • SHA512

    f574fd8f51dbbf46eac78149120849bf370d372c47f02b100d02238b788b0cd14e3f36317e84b70d5ca9a9fa47c1202ec756bdd64b0a734a3809534a35e1ed61

  • SSDEEP

    6144:ZkeENDvTSn2SV/GuhYdViC7X57+nMEJk5PeX:ZNEND/k/GLPX57+nmheX

Targets

    • Target

      9733a369b064d61ccbe064b0c0b3e454_JaffaCakes118

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
