General

  • Target

    a0c7f6dc2181a03822d80b89e3eb23b6_JaffaCakes118

  • Size

    708KB

  • Sample

    240817-ccrcpa1bka

  • MD5

    a0c7f6dc2181a03822d80b89e3eb23b6

  • SHA1

    24d32b7cf785f015f042e7e2775b685aa05e44bd

  • SHA256

    db85071114c8a9d9f3955ed94fa0e23dc7f80b6db815180f0de613cb3651e449

  • SHA512

    1e2782e13b0563a34c9dcf40146061642665c8ea9d2c90cc10969e7bb4ed2f6929c216719f76a649f927e4a8fc9b69c122591494fd09d9e1071fa13040a76d30

  • SSDEEP

    12288:LwKQPwAuox7TnLPBG/qoHXwIAKP7r9r/+ppppppppppppppppppppppppppppp0G:GwAuox7TU/F3TP1q

Malware Config

Targets

    • Target

      a0c7f6dc2181a03822d80b89e3eb23b6_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
