Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a78f12e732071f88e7ac2a9480f4de18_JaffaCakes118
-
Size
284KB
-
Sample
240818-v1gr9svepa
-
MD5
a78f12e732071f88e7ac2a9480f4de18
-
SHA1
e5cb2eb92421586a5ea3bd8aa8ebf1967f3ed41e
-
SHA256
1b76184870057f01915b5f3db3b777749f70579066a7ba97586b656f2495502e
-
SHA512
57980a82152733edec022a89a9b6ddd1feb4a2b472dcf559200f3996300ddf66e87eefa29644157c8caadef0ee8031ae9761688897c27aaaffd6470046f9aa61
-
SSDEEP
6144:jfX6QcxQRhNyKQ9ezwA2Rv4gnw+lJVomcEk9dk/FLGY+Kt/dPLsx02Gf6vIqGnuJ:GjVIrbQdnHcllaXYDoDM3fiUa
Malware Config
Targets
-
-
Target
a78f12e732071f88e7ac2a9480f4de18_JaffaCakes118
-
Size
284KB
-
MD5
a78f12e732071f88e7ac2a9480f4de18
-
SHA1
e5cb2eb92421586a5ea3bd8aa8ebf1967f3ed41e
-
SHA256
1b76184870057f01915b5f3db3b777749f70579066a7ba97586b656f2495502e
-
SHA512
57980a82152733edec022a89a9b6ddd1feb4a2b472dcf559200f3996300ddf66e87eefa29644157c8caadef0ee8031ae9761688897c27aaaffd6470046f9aa61
-
SSDEEP
6144:jfX6QcxQRhNyKQ9ezwA2Rv4gnw+lJVomcEk9dk/FLGY+Kt/dPLsx02Gf6vIqGnuJ:GjVIrbQdnHcllaXYDoDM3fiUa
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2