General

  • Target

    a40c77beae013005a230ce082c780b6f_JaffaCakes118

  • Size

    75KB

  • Sample

    240817-zd3tfayblr

  • MD5

    a40c77beae013005a230ce082c780b6f

  • SHA1

    08929a1517673aa32f0d74736fc6f2640a9ca9de

  • SHA256

    8b66d02d464683ea036c32d10bb418a4e60199188fe96094b31a218ba93e5daf

  • SHA512

    e467203a243d8be8e9444d2bd6d9745935fa6a33e3a1e9c16fc5b2a2d946c313b5150992604933497620e57e330f4e9c584a47c2bc879f1bf8892010e4a89db7

  • SSDEEP

    1536:Ms0+GLR/25T8QtVDr7+xufs8Ped4CpJLXKuO5jb0PoahBKh:F5Wo8QtVCufzP+p58lPahBKh

Malware Config

Targets

    • Target

      a40c77beae013005a230ce082c780b6f_JaffaCakes118

    • Size

      75KB

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks