Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
aa50667eeaefaf054764328c647566be_JaffaCakes118
-
Size
36KB
-
Sample
240819-kh77dstgle
-
MD5
aa50667eeaefaf054764328c647566be
-
SHA1
51e947b894abf53747b3fb0c6963d7cec42a709d
-
SHA256
53668be2a5f0fb66247b301dea0a15075dae52f5082c430cf235e8961240f829
-
SHA512
279430c1f38ef96bfb8b0076f465680660f456f0e4fcd5834452ab8b54adce5246a4afc7d8b8985eb206d9c9cf8c987bc814d002f725690a43763b95b41870a5
-
SSDEEP
768:/jgiGxy+iC146BDRK97J3+ZFWo2iU+DaLW:7My+hQYFWuaLW
Malware Config
Targets
-
-
Target
aa50667eeaefaf054764328c647566be_JaffaCakes118
-
Size
36KB
-
MD5
aa50667eeaefaf054764328c647566be
-
SHA1
51e947b894abf53747b3fb0c6963d7cec42a709d
-
SHA256
53668be2a5f0fb66247b301dea0a15075dae52f5082c430cf235e8961240f829
-
SHA512
279430c1f38ef96bfb8b0076f465680660f456f0e4fcd5834452ab8b54adce5246a4afc7d8b8985eb206d9c9cf8c987bc814d002f725690a43763b95b41870a5
-
SSDEEP
768:/jgiGxy+iC146BDRK97J3+ZFWo2iU+DaLW:7My+hQYFWuaLW
Score8/10-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-