General
-
Target
b3e3c1c528f9bdcb2e731d48ab9d4e42_JaffaCakes118
-
Size
176KB
-
Sample
240821-r5legaxfrq
-
MD5
b3e3c1c528f9bdcb2e731d48ab9d4e42
-
SHA1
dad2ee44dbff90cda1ece13f7e9013cdc02009af
-
SHA256
32dabbee61d55c2608cc5e534a113c22a0ac23f90dc44f7b0c124f6a281179a9
-
SHA512
95ee071766bca6bffdb015cb2654682115ed53867b26528f0f08466cc9ac2805136a28f61e03d0961408ccbfecb927ac838d50b24d2dbe598e801b099c56f40e
-
SSDEEP
3072:CtaGK/fObT/bGiS3LOClnkZQxlrUax81zX1faK0U9C00hKex9nQ3b7a5VpIC+RZW:Ct1K/fObT/bGiELOSnkZQxlrUax8NX1Y
Static task
static1
Behavioral task
behavioral1
Sample
b3e3c1c528f9bdcb2e731d48ab9d4e42_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
b3e3c1c528f9bdcb2e731d48ab9d4e42_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b3e3c1c528f9bdcb2e731d48ab9d4e42_JaffaCakes118
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2