General

  • Target

    b3a0ad636e933ca2c88f8c4ba6dc34d4_JaffaCakes118

  • Size

    412KB

  • Sample

    240821-qnkwyatfpp

  • MD5

    b3a0ad636e933ca2c88f8c4ba6dc34d4

  • SHA1

    4963e6affdc27634e1958aca9f40bdd867808727

  • SHA256

    3f03adb2a1f144cc769851b00a00d67c14791092c31294ddd095329a0932a4b3

  • SHA512

    90847b1f267cb88381c896e42387821580719debd27249445216ae112195294baee770e89f6d67ff4a4760fda236a3aa02c05d86778881d1ef2bfad2826b91dd

  • SSDEEP

    12288:FH3124LwWdgLDaOgMq1nEyhCkCNCnFeU:FHFMWdgfa5Mq9E/snFp

Targets

    • Target

      b3a0ad636e933ca2c88f8c4ba6dc34d4_JaffaCakes118

    • Windows security bypass

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
