General

  • Target

    b2a53173b9154b477af5d6e8e7ddb9df_JaffaCakes118

  • Size

    94KB

  • Sample

    240821-jmbtbaxbjh

  • MD5

    b2a53173b9154b477af5d6e8e7ddb9df

  • SHA1

    3471cad194d3b928dc3d0d4b738cc6cd81234f79

  • SHA256

    3f97c3855ee4dee62275a6b3d8a2a22d4200a0d2ab03da5e0b08157e30b9ec7a

  • SHA512

    ffacca7f0cf03aca07632e929080468b1280bdebee5940298e4178a2b94f6ed427f0a0364836e6d63713353831d2c33fb54780a26963170c445539c17b5a7324

  • SSDEEP

    1536:2HpqdKQfKImkaXmcGhoc//////lVQcprzIxYLadR7fvlPP+/zPwKiuicqaa+IW0F:2QKLI1aXmcGyc//////zrwrdf+7oKi/P

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks