General

  • Target

    aa543f8e91c89565fe28d15f08e56b88_JaffaCakes118

  • Size

    116KB

  • Sample

    240819-kmafxsthpd

  • MD5

    aa543f8e91c89565fe28d15f08e56b88

  • SHA1

    40838ac9474ea6b052e231992d10f23260647de3

  • SHA256

    78764888a124779e5f110d907efb33155e61649b93101b220a86b2c8c49a04e0

  • SHA512

    e8f38539fc18de46e823669f3c4c84d9ef190f209a4ac23001d708eb8b702bc027f4ca39d561d26bfa43484297965bf80ebe523b5aefce8ce309a10258e11941

  • SSDEEP

    3072:NG5TmXUzZECOHMh4ZH9yU4INuhxaPzKggZGHT77:Nszzuns64d6aSKnGHT7

Targets

    • Target

      aa543f8e91c89565fe28d15f08e56b88_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
