General

  • Target

    9775719c20f8fc7d469ea54aee9b97d3_JaffaCakes118

  • Size

    48KB

  • Sample

    240814-yn17xswdlm

  • MD5

    9775719c20f8fc7d469ea54aee9b97d3

  • SHA1

    e78d391470578777b2f654f1d4e5c53c4e522ed9

  • SHA256

    66c4c600ba4cca6359f276759b9fd2ce82073e24242f85d06dd678e05218c3a2

  • SHA512

    5abf561688a355e18fe181874bb3b5997f5ce9f7da8cc9deebe3a3edb30cdf750caf2c249dd85333eb63385dfa84af30c875ce2b85b10c4c570ae33bfdcf3002

  • SSDEEP

    768:LWRnlOFZzOVeZb7LiWfR5+QTs0aMEwMfW4jW8/7k2yuK8fDpvuUNDQGF:cnlQ9l9XzBv9Ety8zk2Y8fDp7N5

Malware Config

Targets

    • Modifies firewall policy service

      Writes to the Windows Firewall policy or SharedAccess service configuration in the registry, typically to disable or weaken the firewall.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Executes dropped EXE

      Runs an executable that the sample itself wrote to disk.

    • UPX packed file

      Detects executables packed with UPX or a modified UPX (an open-source packer).

    • Adds Run key to start application

      Writes a value under a CurrentVersion\Run key so the application starts at logon; a common persistence mechanism.

    • Suspicious use of SetThreadContext

      Calling SetThreadContext on a thread of another process is the usual final step of process hollowing and similar injection techniques.

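The following is an added example, not part of the tria.ge report and not tria.ge's own detection code. It maps a sandbox API trace onto the behaviour signatures listed above, using the registry locations and call patterns that underlie them: the Geo\Nation value for the location check, CurrentVersion\Run for persistence, the SharedAccess service and FirewallPolicy keys for firewall changes, a CreateProcess on a path the sample wrote earlier for "Executes dropped EXE", and SetThreadContext against a process the sample started suspended for the hollowing pattern. The trace records and their field names (api, key, value, data, path, flags, pid, target_pid) are constructed for the example and are an assumed generic layout, not the tria.ge schema.

```python
"""Map a sandbox API trace onto the behaviour signatures in this report.

Added example, not tria.ge code. SAMPLE_TRACE below is constructed and its
record layout is an assumed generic format, not the tria.ge schema.
"""
import re
from collections import Counter

# Registry locations behind three of the report's signatures (case-insensitive,
# hive prefix ignored so HKCU/HKEY_CURRENT_USER spellings both match).
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo$", re.I)
FIREWALL_KEY = re.compile(r"\\Services\\SharedAccess(\\|$)", re.I)

CREATE_SUSPENDED = 0x00000004  # CreateProcess dwCreationFlags bit

SAMPLE_PID = 1337  # assumed PID of the sample itself in the trace

# Constructed trace in execution order (assumed format).
SAMPLE_TRACE = [
    {"api": "RegQueryValueExW", "key": r"HKEY_CURRENT_USER\Control Panel\International\Geo", "value": "Nation"},
    {"api": "RegQueryValueExW", "key": r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer", "value": "ShellState"},
    {"api": "NtWriteFile", "path": r"C:\Users\Admin\AppData\Roaming\svhost.exe"},
    {"api": "RegSetValueExW", "key": r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "updater", "data": r"C:\Users\Admin\AppData\Roaming\svhost.exe"},
    {"api": "RegSetValueExW",
     "key": r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile",
     "value": "EnableFirewall", "data": 0},
    {"api": "CreateProcessW", "path": r"C:\Users\Admin\AppData\Roaming\svhost.exe", "flags": 0x0, "pid": 2100},
    {"api": "CreateProcessW", "path": r"C:\Windows\System32\svchost.exe", "flags": CREATE_SUSPENDED, "pid": 2244},
    {"api": "SetThreadContext", "target_pid": 2244},
    {"api": "SetThreadContext", "target_pid": SAMPLE_PID},  # own thread: not flagged
]


def classify(trace, self_pid):
    """Return (signature, record_index) hits for one trace, in trace order.

    State is kept across records because two signatures depend on history:
    a dropped file only counts as "executed" once a process is created from a
    path the sample wrote earlier, and SetThreadContext is only flagged when
    its target is a foreign process the sample itself started suspended.
    """
    hits = []
    dropped = set()      # lower-cased paths of executables the sample wrote
    suspended = set()    # PIDs the sample created with CREATE_SUSPENDED
    for i, rec in enumerate(trace):
        api = rec["api"]
        key = rec.get("key", "")
        if api.startswith("RegQueryValueEx") and GEO_KEY.search(key) and rec.get("value") == "Nation":
            hits.append(("Checks computer location settings", i))
        elif api.startswith("RegSetValueEx") and RUN_KEY.search(key):
            hits.append(("Adds Run key to start application", i))
        elif api.startswith("RegSetValueEx") and FIREWALL_KEY.search(key):
            hits.append(("Modifies firewall policy service", i))
        elif api == "NtWriteFile" and rec["path"].lower().endswith(".exe"):
            dropped.add(rec["path"].lower())
        elif api == "CreateProcessW":
            if rec["path"].lower() in dropped:
                hits.append(("Executes dropped EXE", i))
            if rec.get("flags", 0) & CREATE_SUSPENDED:
                suspended.add(rec["pid"])
        elif api == "SetThreadContext":
            target = rec["target_pid"]
            if target != self_pid and target in suspended:
                hits.append(("Suspicious use of SetThreadContext", i))
    return hits


def summarize(hits):
    """Count hits per signature name."""
    return dict(Counter(sig for sig, _ in hits))


if __name__ == "__main__":
    for sig, idx in classify(SAMPLE_TRACE, SAMPLE_PID):
        print(f"record {idx}: {sig}")
    print(summarize(classify(SAMPLE_TRACE, SAMPLE_PID)))
```

The location check is a registry read, so it shows up only in an API-level trace like this one; host telemetry that records registry writes but not reads (Sysmon, for instance) will not see it, which is one reason a sandbox report is the place to look for geofencing.
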
MITRE ATT&CK Enterprise v15

Tasks