General
-
Target
b5978f13be4a44df3d9f8dd51a17d2be_JaffaCakes118
-
Size
244KB
-
Sample
240822-ahh76axhpe
-
MD5
b5978f13be4a44df3d9f8dd51a17d2be
-
SHA1
99672bc361bb929bef70636bae885a14070351d2
-
SHA256
0e0cde573dda2547fb699e0c3d35448730730ba66c9212ed8830628fdb8b03f8
-
SHA512
1121223ea11fc5c2c8c1354e948c6631ac86daa88de4ddb1f7f84e9f232ca3b7df30cc65381f769e3af6f4b32f17ad7e6904347bb57f3584cfa8c363ce2742aa
-
SSDEEP
6144:gtvP3+FC9EOSApdlZaUlZxepbGIff736d/F6RQzeVIOAIONEt0CWLLnp5rW:gtH3+M9kkdlYU7xepbGIff7kVNEyCWzS
Static task
static1
Behavioral task
behavioral1
Sample
b5978f13be4a44df3d9f8dd51a17d2be_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b5978f13be4a44df3d9f8dd51a17d2be_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
b5978f13be4a44df3d9f8dd51a17d2be_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2