General

  • Target

    b1d319221ca27071bede69ab9f69b25e_JaffaCakes118

  • Size

    265KB

  • Sample

    240821-c7jakawfjc

  • MD5

    b1d319221ca27071bede69ab9f69b25e

  • SHA1

    b32493704b91364570830640acb5c222ef99e4d5

  • SHA256

    f278394d2a434c4f01d4856e38bc1a024fab3cac407b93b06449d154fb5633c3

  • SHA512

    b66c714c5b1f4a525367c57c9bbe476584bddcffdc4d746074e53c1ea5eb2ca4d3bca32e55276e7d0c7e84a606eeb737081505923351b1b74112b9afddbc5198

  • SSDEEP

    6144:2lU0T90GuyIyeZq0Aou/fQ20GhCwghLBEg7CwzoGwg7v/V:YFuCeZq0dKfR0oCwILnsWX

Malware Config

Targets

    • Target

      b1d319221ca27071bede69ab9f69b25e_JaffaCakes118

    • Server Software Component: Terminal Services DLL

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Deletes itself

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
