General

  • Target

    c7de53d6a551375bacbc9f69fb942ca3_JaffaCakes118

  • Size

    252KB

  • Sample

    240828-3vv2pssgqa

  • MD5

    c7de53d6a551375bacbc9f69fb942ca3

  • SHA1

    e67c76ad4d74550bf2d415d5fd24c53e3962bb97

  • SHA256

    a86da44862db5dcebd74768d468fab7346133e6ccc4d95d2759e2c500248a1c3

  • SHA512

    d85d6210128f16b09a0f49f399dc17d9ac16e4427db69fad210614041071d9cc267bddc0cbf945832027e5b91da2334be9dbef5bd356e66d1da60de1ed0ff49d

  • SSDEEP

    3072:eJd8qle2tsu5oehGHA/pqQLxgdBlApXu7Tq/pY+SFuK0Rg:eJd8qAyoehfLmdcpeeHc3

Targets

    • Target

      c7de53d6a551375bacbc9f69fb942ca3_JaffaCakes118

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext
