General

  • Target

    bf50001b34591160cfe4feba3c519ade_JaffaCakes118

  • Size

    36KB

  • Sample

    240824-yvtresydnn

  • MD5

    bf50001b34591160cfe4feba3c519ade

  • SHA1

    8d3b6830599b3c00d00161cbf7fd9856efe6c87c

  • SHA256

    3a383178231c29a84cc4d83cbe5dc00131fd97b088fd9136df68347717cc2808

  • SHA512

    9d8091890cbe7e71ec13feef8bd5260171d43cdf4667587aaafdaacdab2985f2e24ffac179c55adbea943d07f7761f7187021b85d7fc07e334218e6d58ad367f

  • SSDEEP

    768:kjgiGxy+is1M6BDRK97J3+ZFWo2iU+7ww:AMy+TQYFW8ww

Malware Config

Targets

    • Target

      bf50001b34591160cfe4feba3c519ade_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks