Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b2d597e090ca0cb921a2148fe7f746ab_JaffaCakes118
-
Size
312KB
-
Sample
240821-ktflhszbpe
-
MD5
b2d597e090ca0cb921a2148fe7f746ab
-
SHA1
1eadeee9fffdb5483db8b3b1d2d8e78ad3d0f1ac
-
SHA256
5636ea8ba3dc2b5778fb9582a7bac8d15402243476cedad2be814272fcbde418
-
SHA512
920bf3fdaf9c4a6ab15036d6d1d021dac2bbafa3f040d7acbeee69f485a3579725f115039b5af6fe2d8f5e41d967e90222484d69c80de57f87ff9cacbf500b05
-
SSDEEP
6144:kk7tvTlIpr1f+XqO5aOmSGFDbeOjLPmUSgF:r1TlIB1f+55SpNPmUHF
Malware Config
Targets
-
-
Target
b2d597e090ca0cb921a2148fe7f746ab_JaffaCakes118
-
Size
312KB
-
MD5
b2d597e090ca0cb921a2148fe7f746ab
-
SHA1
1eadeee9fffdb5483db8b3b1d2d8e78ad3d0f1ac
-
SHA256
5636ea8ba3dc2b5778fb9582a7bac8d15402243476cedad2be814272fcbde418
-
SHA512
920bf3fdaf9c4a6ab15036d6d1d021dac2bbafa3f040d7acbeee69f485a3579725f115039b5af6fe2d8f5e41d967e90222484d69c80de57f87ff9cacbf500b05
-
SSDEEP
6144:kk7tvTlIpr1f+XqO5aOmSGFDbeOjLPmUSgF:r1TlIB1f+55SpNPmUHF
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2