Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bec966bd84aae349b4943bafaa6a4dff_JaffaCakes118
-
Size
731KB
-
Sample
240824-rr253awdmq
-
MD5
bec966bd84aae349b4943bafaa6a4dff
-
SHA1
301c219564d08abbc9cb777b6c313931a09157af
-
SHA256
3440c0d7c314ee056e46cae177989c4aea034362bbd3fedac721727afc1629fe
-
SHA512
26a229fbca499e100f73c6c5f5f265c65aaaa842bd1b7cbf9c509448cf3c7196c60518514095d8d616100b26ac413f22b47e79f4efb72379d4fd036d5232fefc
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmcFmjnDgGeIttwoPR5pWZhAIRXHYnrmA:JaigD/ArravUdscwnlFttwYQRXHYrmA
Malware Config
Targets
-
-
Target
bec966bd84aae349b4943bafaa6a4dff_JaffaCakes118
-
Size
731KB
-
MD5
bec966bd84aae349b4943bafaa6a4dff
-
SHA1
301c219564d08abbc9cb777b6c313931a09157af
-
SHA256
3440c0d7c314ee056e46cae177989c4aea034362bbd3fedac721727afc1629fe
-
SHA512
26a229fbca499e100f73c6c5f5f265c65aaaa842bd1b7cbf9c509448cf3c7196c60518514095d8d616100b26ac413f22b47e79f4efb72379d4fd036d5232fefc
-
SSDEEP
12288:Jaingtd/9iCpVEZxzraxdUdpmcFmjnDgGeIttwoPR5pWZhAIRXHYnrmA:JaigD/ArravUdscwnlFttwYQRXHYrmA
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1