Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    b5dabbab43dc864f17a27efdd7644771_JaffaCakes118

  • Size

    55KB

  • Sample

    240822-b2dmfssakh

  • MD5

    b5dabbab43dc864f17a27efdd7644771

  • SHA1

    50fe17b4a5d15abd125fc4258ecb5f0c37c7d322

  • SHA256

    19ef66e47ec9d9bba76d64cf3ec4351c09c66028447f8a8f06ad34dc30a660eb

  • SHA512

    80dcddba998882180b31ee275a4ca066258e285ce2b19aadd8a7b582a4cdbe8d14f778a0c9b11f7d486294638ef236d30bcb0c68c2ffdad16a22a61e2395b885

  • SSDEEP

    1536:+yaQxwEHAvQCPpRiLoMIqa8a2pSE0U1GutYp6Z8bjX4:+yaQKMkNREnzaDE0UkutYpVs

Malware Config

Targets

    • Target

      b5dabbab43dc864f17a27efdd7644771_JaffaCakes118

    • Size

      55KB

    • MD5

      b5dabbab43dc864f17a27efdd7644771

    • SHA1

      50fe17b4a5d15abd125fc4258ecb5f0c37c7d322

    • SHA256

      19ef66e47ec9d9bba76d64cf3ec4351c09c66028447f8a8f06ad34dc30a660eb

    • SHA512

      80dcddba998882180b31ee275a4ca066258e285ce2b19aadd8a7b582a4cdbe8d14f778a0c9b11f7d486294638ef236d30bcb0c68c2ffdad16a22a61e2395b885

    • SSDEEP

      1536:+yaQxwEHAvQCPpRiLoMIqa8a2pSE0U1GutYp6Z8bjX4:+yaQKMkNREnzaDE0UkutYpVs

    • Blocklisted process makes network request

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks