General

  • Target

    cddd2be456bafd92c35be93a04ec9bcf_JaffaCakes118

  • Size

    55KB

  • Sample

    240901-aky2dstgkf

  • MD5

    cddd2be456bafd92c35be93a04ec9bcf

  • SHA1

    bfdbd7fc32e484f9de68167e2c9eee1badeaecf2

  • SHA256

    19db486122397a33896897e249034c7f9fdf4e967c9aa2942b39c22927a076e4

  • SHA512

    d40cdcee0797fb39c04c9417b0b71c1fadb3887ecd0fc7f0e7450269c3ed35d35649376c44cb07654e2530c1224348b51eac81cf71d3f4d407004ff1285295a7

  • SSDEEP

    1536:NPKDseV2udPipzVpQMHR3IW+bJ2qFtPj:c8udKpzVpQMHSp2Ut

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks