General

  • Target

    b004513a8b32bedc233b4956057be033_JaffaCakes118

  • Size

    291KB

  • Sample

    240820-t8hh4awgmp

  • MD5

    b004513a8b32bedc233b4956057be033

  • SHA1

    5e35dceabbcd8d543620307ff12ad4133020201f

  • SHA256

    2237681a8e05195486312091795a37839dcdbcfd3aa7ba970d7790243a135e0b

  • SHA512

    0693c2f1e5f8bb92c91bd42f71d99c99cc839b4d543af94d2be259532d4f58362d4db79b91e74ab538b0c2c481a80a3d30b69161821df39c5195c9f6704c96b3

  • SSDEEP

    6144:tFTbEMEvDpB7wY4n74fHyjZRVkcHpy7u/qbWhp+KW:tevvVZu7WoZRVvcu/qqhppW

Targets

    • Target

      b004513a8b32bedc233b4956057be033_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
