General

  • Target

    bee51fc5c43a99eb268b75e95b9479c8_JaffaCakes118

  • Size

    60KB

  • Sample

    240824-sx818swgrh

  • MD5

    bee51fc5c43a99eb268b75e95b9479c8

  • SHA1

    08f8026652dd2120e7502ec3bce2ab950d77a22c

  • SHA256

    a89630f456198a010b3836d1aa8f4205b2890f3007565fe74cc75487f55a759c

  • SHA512

    54260f7167fa35975857b987f56e86a14227df77332ff31a55ba288d516f822827ef2a26bb5711d46fb190b6acb2df634b147fbf23239657a539612365431035

  • SSDEEP

    1536:SymacmFKjRm9dv70NMrHtF1Xw1o+XiuKxd:ihm8RMBiiuG

Malware Config

Targets

    • Target

      bee51fc5c43a99eb268b75e95b9479c8_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks