General

  • Target

    b317b0eb541a4720e888470e46204d9a_JaffaCakes118

  • Size

    182KB

  • Sample

    240821-mfpy5sshqh

  • MD5

    b317b0eb541a4720e888470e46204d9a

  • SHA1

    643f7d7bc744e82e09e722d2d3cdbece14256f00

  • SHA256

    7a970dc2a5f3cfafdaff8ed76ef59271fdfa005b68bad4fca923362becf7273c

  • SHA512

    dcb4f5f99597639a783f75f12ed7df1072a01c8f729dac9e34e68df83e257c53532a9633d1a3290fb744a0d0afc492d004ba2e2d8c3e46a125724ffb6c8b7823

  • SSDEEP

    3072:o1q1+MJKrUnFYY5z1i0Nmbi5fJBNIKrout6ECdb5+D7ltx401aqMqtEWCQYzNON8:FIrPj0NmWtNICoS6ESkbiHWtEWg0N8

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • UAC bypass

    • ModiLoader Second Stage

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks whether UAC is enabled
