General
Target: aa543f8e91c89565fe28d15f08e56b88_JaffaCakes118
Size: 116KB
Sample: 240819-kmafxsthpd
MD5: aa543f8e91c89565fe28d15f08e56b88
SHA1: 40838ac9474ea6b052e231992d10f23260647de3
SHA256: 78764888a124779e5f110d907efb33155e61649b93101b220a86b2c8c49a04e0
SHA512: e8f38539fc18de46e823669f3c4c84d9ef190f209a4ac23001d708eb8b702bc027f4ca39d561d26bfa43484297965bf80ebe523b5aefce8ce309a10258e11941
SSDEEP: 3072:NG5TmXUzZECOHMh4ZH9yU4INuhxaPzKggZGHT77:Nszzuns64d6aSKnGHT7
Static task: static1
Behavioral task: behavioral1
Sample: aa543f8e91c89565fe28d15f08e56b88_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: aa543f8e91c89565fe28d15f08e56b88_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: aa543f8e91c89565fe28d15f08e56b88_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)