General

  • Target

    c7cc8c786a419830597b212843aeebf1_JaffaCakes118

  • Size

    59KB

  • Sample

    240828-2v6yja1arb

  • MD5

    c7cc8c786a419830597b212843aeebf1

  • SHA1

    2085c496de38f62932ee0de57e406c6436db384b

  • SHA256

    b5e5cc69d0e78b9811f389537e89465bb87539588cc75ab4b97709014867799f

  • SHA512

    71ec73fe63c9544ae33293d9837f7fc9c56a03830276625736611982b4a043fdba4d635171ba1ec3b4f618348c5d1bed66cc56c7ef2f6e5931e3839a45b12fc2

  • SSDEEP

    768:/EKmqLhrruofi/U6TxVVVjqVTXW5E53XMoVph1+6Dyk0rzwTDDTlayKUAHCxxhau:/VV3olVj2Vi+cUpEk+CHkUq6d

Targets

    • Target

      c7cc8c786a419830597b212843aeebf1_JaffaCakes118

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
