General

  • Target

    c1ad2082c808878d64a6da66fc0a4eca_JaffaCakes118

  • Size

    9.2MB

  • Sample

    240825-1va1esygqj

  • MD5

    c1ad2082c808878d64a6da66fc0a4eca

  • SHA1

    14d5f9f8cc878d41c15d0dffd26f6c5fc3155f32

  • SHA256

    06eb0c3d13d13ec71135773dd567ffad2fbc10dc0dc24564e469c3abc14dd2bd

  • SHA512

    d1463872681cb65cbd220da8f99e5069bc359505429f44b0a5e09aac83cda5611ae529ee5ac99e911e5aded5a586495f55148342f46decb6fbe1bacd280e67d8

  • SSDEEP

    196608:LpDH+7VojzmEpOEr7b8ZvndjE943jQi/CIoEZMlq34dsgubn+JmxXwUf:NDHcojzmgrIVUi/FVASkLubn+8hb

Malware Config

Targets

    • Event Triggered Execution: Image File Execution Options Injection

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence.

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks