General

  • Target

    b5ca1305dfb83ac4bc1ddf68d81f55e2_JaffaCakes118

  • Size

    216KB

  • Sample

    240822-bm924svcjr

  • MD5

    b5ca1305dfb83ac4bc1ddf68d81f55e2

  • SHA1

    9c28885e55c4078c5e8e54a566d67e194074fe4c

  • SHA256

    5ca3dc81038dfe778acd870f526d8de2186bbebd6ed3a706cdc5050b23db367a

  • SHA512

    410e09227ea10593f884a1965918d5814b2042dae3befbd63095c9dd7945f49e623fcd16f05cc61af0d0c242dd88ea866a9b063c40b46cc033dc9aabe0e712be

  • SSDEEP

    3072:nYUaMKiuxxnM3/7eFE+S2/goM2IFNGzBkl9sGUg:YX/nM36q+VM2CWs9g

Malware Config

Targets

    • Target

      b5ca1305dfb83ac4bc1ddf68d81f55e2_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks