General

  • Target

    ba33cafd58294e0f8b51da1fd785ae22_JaffaCakes118

  • Size

    232KB

  • Sample

    240823-d52vkawamr

  • MD5

    ba33cafd58294e0f8b51da1fd785ae22

  • SHA1

    64eb6eb356506834ddde61a5a4269323f2ecd570

  • SHA256

    f418a4d02c9e155e192e34a8c91f01ae96af15699bbc1ab1073e75acaa9a0b87

  • SHA512

    6c144bb8247f89f545416d01e4707de53fc5bc781a18bdee6f7c35340622ef4a59d2e1deff10fe088f0688b996fbb55ad34d51d9cb093ee2d3aa23e40a2746ff

  • SSDEEP

    6144:Zyz3PFKs78vpRTlEqxF6snji81RUinKbLOP:uPhpm

Malware Config

Targets

    • Target

      ba33cafd58294e0f8b51da1fd785ae22_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks
