Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bc407613dcd8bc244da23b87b4dca7ca_JaffaCakes118
-
Size
17KB
-
Sample
240823-skhnhs1fre
-
MD5
bc407613dcd8bc244da23b87b4dca7ca
-
SHA1
2d4fbf2adb16dd9ecde292ff317f3a3cb721a230
-
SHA256
40391a2e93b44bb4cf5ed4e34f27aedbbaa2a641b84f7b2b5cfa56bd49f34af1
-
SHA512
e22118600602bc64dd078f8df360e3eb283e4ec9459b0116cc8eef212978e680c6638a00471a26a348711d7296948452a19983e83760b0b6789ea264a225f197
-
SSDEEP
192:c1JdDV4Paqnz9tND2wFFFWOO4Tuu9kqB6EGqgNtGnyWOE+LArUpYCMFaNJhLkwcQ:cGx5V/jX91ny3OtaNJawcudoD7U4xE
Malware Config
Targets
-
-
Target
bc407613dcd8bc244da23b87b4dca7ca_JaffaCakes118
-
Size
17KB
-
MD5
bc407613dcd8bc244da23b87b4dca7ca
-
SHA1
2d4fbf2adb16dd9ecde292ff317f3a3cb721a230
-
SHA256
40391a2e93b44bb4cf5ed4e34f27aedbbaa2a641b84f7b2b5cfa56bd49f34af1
-
SHA512
e22118600602bc64dd078f8df360e3eb283e4ec9459b0116cc8eef212978e680c6638a00471a26a348711d7296948452a19983e83760b0b6789ea264a225f197
-
SSDEEP
192:c1JdDV4Paqnz9tND2wFFFWOO4Tuu9kqB6EGqgNtGnyWOE+LArUpYCMFaNJhLkwcQ:cGx5V/jX91ny3OtaNJawcudoD7U4xE
Score8/10-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Impair Defenses
1Indicator Removal
1File Deletion
1Modify Registry
3