General

  • Target

    a8d164756ecd1e60e4510334f4ef64c6_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240819-al6smawfqp

  • MD5

    a8d164756ecd1e60e4510334f4ef64c6

  • SHA1

    9d3825cc87e83bd29561a31a49cee63f173ff515

  • SHA256

    e0f566934e24a7fe29c2b45f2c8b70bb56980769238002dedf2ef72ebe49cde3

  • SHA512

    fbf7a081ed5048a3daa44de7b11058358e52e9139178a970654b9f4880eed5e63ff3e0086603361b6cb83662ce87643e5971d1077a79a32d37acad3d509758c9

  • SSDEEP

    24576:F0nWgSSwbfqAuwIlIRz/JCLhtrNGy6Eydl+uP4ySUbK+w5GgZzkEg8:F0nWgoXIlI5/gLHrNRyn+H7l+w3zk18

Targets

    • Target

      a8d164756ecd1e60e4510334f4ef64c6_JaffaCakes118

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates processes with tasklist

    • Hide Artifacts: Hidden Files and Directories
