General

  • Target: bf76dd3911dad9e23a75b4ceb24d563b_JaffaCakes118

  • Size: 72KB

  • Sample: 240824-1gyjkasgql

  • MD5: bf76dd3911dad9e23a75b4ceb24d563b

  • SHA1: 580bea2b89d6df50012618f013fe23c0a9c83d75

  • SHA256: 0ebaf5c2ec13e55b281a86c31d8162e73ac5fd86e6b69654e6bf76ef9d95484c

  • SHA512: 30c1370e9559521b9d1543450ff8d94236e930fab96a2dc904509000733f4cb13c91c05e77483cf2d6d7a005a6683ee8b1544f4e41b347cfc1d41960aaed56af

  • SSDEEP: 1536:mQDPszyOhJ0pDaId6cjkbnfLAVWN2WOPEdBtGe+O:Tkzx8YcInfMMNgEdz5

Targets

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
