General

  • Target

    bc0c427f5a05f9378872dc17a720d90b_JaffaCakes118

  • Size

    544KB

  • Sample

    240823-rf14ma1cqq

  • MD5

    bc0c427f5a05f9378872dc17a720d90b

  • SHA1

    1311b6e7b168680adf42184e4a8c8ada698ec852

  • SHA256

    9547a88a449770505f65b56a176b96c0218c1d1e711f48dc204b477b63fc7930

  • SHA512

    5f09e5212386a0a0537102b3d13af85f0cb9ee8004ffcc037b95b3460aaff0d13a06aaf905ca920fc1db68f961510fe988e027f440f653fea5b2e1db16e7f168

  • SSDEEP

    12288:+NKAOkuBgts1nqPf51kMRXfq5ikUZcS9+xA:14s1nqzy53UZc7

Targets

    • Target

      bc0c427f5a05f9378872dc17a720d90b_JaffaCakes118

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
