General

  • Target

    b1c6cbba37f1b127e3147c92b20be349_JaffaCakes118

  • Size

    34KB

  • Sample

    240821-cv98hswapg

  • MD5

    b1c6cbba37f1b127e3147c92b20be349

  • SHA1

    5b7c22588e5381c641778e28c7e6501c1b77bb60

  • SHA256

    9e6d4c5917ad96f81d173a8f04d00c769448e9fd6d8ed101272f27f4d0916dde

  • SHA512

    50c39c6ecaee07592153ad8254397af43c52fe2184dd5d962511e622f07ce71e542f6a15d73c9656e4ec75439f003307e87f136546eebfb9d7784fae1636638d

  • SSDEEP

    768:U4036VivbIqUWgvJfD6CTFTO0CLqpSLFJpv+OkOiT:B0qbqsJfD6CTFTMaSLFrhxM

Targets

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
