General

  • Target

    aaf45ced7f02c67bbab88e6bd46d5f92_JaffaCakes118

  • Size

    393KB

  • Sample

    240819-pafjmashpa

  • MD5

    aaf45ced7f02c67bbab88e6bd46d5f92

  • SHA1

    04228038f66a44d678409e21cc9c39789f6b4745

  • SHA256

    0f1f188799ba937a8ae609e42325845d5fe23c0905f42d466c8b994ba6bb148d

  • SHA512

    5d937eda0596f1c36376235cce727be54e577e69ec5dedf9414c6afaacb25913a20dbbaca30e507bd2d6f6e2218ae185769b1e8ec6ccbd49cb95cfab3ee2ec16

  • SSDEEP

    12288:pYzh/yF1tpKV+n4o6/yf81C1/FVKrm0IBVPk:pYEzKavfX0eRk

Malware Config

Targets

    • Target

      aaf45ced7f02c67bbab88e6bd46d5f92_JaffaCakes118

    • Windows security bypass

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
