General

  • Target

    b0b9681265f8b34f7454b32b7bb7bb99_JaffaCakes118

  • Size

    128KB

  • Sample

    240820-za6e6asape

  • MD5

    b0b9681265f8b34f7454b32b7bb7bb99

  • SHA1

    833d13d2c0168d77c4449b9746513c7c09b10890

  • SHA256

    7cd6e0715890f5da28a829656cc1957cc507138333da7864b93a6462446a1371

  • SHA512

    704f6e742b6b0ed1757218dc2e62f906d71eb86ba5f35d083e83cf6cc8ac53e2fe360fcbdfe07dfd7dacaba339719545198120fa07daa52a02f47556015ad556

  • SSDEEP

    3072:KJaavDoQOsEm3ZIIASFUzz5d77hh/GQHMMW:KJvZ9EwZ5ASez7HHMh

Malware Config

Targets

    • Target

      b0b9681265f8b34f7454b32b7bb7bb99_JaffaCakes118

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks