General

  • Target

    d49024573cb0763c1b33259ddbf4dd72_JaffaCakes118

  • Size

    182KB

  • Sample

    240908-rre1jatake

  • MD5

    d49024573cb0763c1b33259ddbf4dd72

  • SHA1

    01d977d66d665978ea921ee04c874ca7d16c3dbb

  • SHA256

    eb6e6cdc1938ce18d7ab7b222ef38e6c82ccc78244f63b93d2b94c46c8ad12e2

  • SHA512

    2a868b0a7fb7370363ee2e8d22eca5fd603035a1b11ca8b7736f48111068af6ef5fc0c94db7a96b341e24f63a26e5e0622eb5758215348360b5693bc2d2c28b1

  • SSDEEP

    3072:0rkR5Qp0mB63UtF1xZTV6HT7bIq1j1FbbTS/GzDMts:04R5Z2BtIgm5S/YIq

Malware Config

Targets

    • Target

      d49024573cb0763c1b33259ddbf4dd72_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
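
The hashes above are the only stable indicators on this page, so the first thing a responder does with a suspect file is confirm it is this sample before trusting the behaviour tags. The following is an added example, not code from tria.ge or from the report: it streams a file once through MD5, SHA-1, SHA-256 and SHA-512 and reports which of the report's values it matches. The file path is whatever you pass on the command line; SSDEEP is not in hashlib, so the fuzzy hash is deliberately left out.

```python
import hashlib
import sys
from pathlib import Path

# Values copied from this report for d49024573cb0763c1b33259ddbf4dd72_JaffaCakes118.
REPORT_IOCS = {
    "md5": "d49024573cb0763c1b33259ddbf4dd72",
    "sha1": "01d977d66d665978ea921ee04c874ca7d16c3dbb",
    "sha256": "eb6e6cdc1938ce18d7ab7b222ef38e6c82ccc78244f63b93d2b94c46c8ad12e2",
    "sha512": (
        "2a868b0a7fb7370363ee2e8d22eca5fd603035a1b11ca8b7736f48111068af6e"
        "f5fc0c94db7a96b341e24f63a26e5e0622eb5758215348360b5693bc2d2c28b1"
    ),
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(chunks, algorithms=ALGORITHMS):
    """Feed each chunk to every hasher in one pass; return {algorithm: hexdigest}."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path, chunk_size=1 << 20):
    """Hash a file without loading it entirely into memory."""
    with open(path, "rb") as f:
        return digest_stream(iter(lambda: f.read(chunk_size), b""))


def match_iocs(digests, iocs=REPORT_IOCS):
    """Return the set of algorithm names whose digest equals the report's value.

    Comparison is case-insensitive because reports and tools disagree on hex case.
    """
    return {
        name
        for name, expected in iocs.items()
        if name in digests and digests[name].lower() == expected.lower()
    }


def triage(path, iocs=REPORT_IOCS):
    """Hash one file and summarise which report indicators it matches."""
    path = Path(path)
    digests = digest_file(path)
    return {
        "path": str(path),
        "size": path.stat().st_size,
        "digests": digests,
        "matches": sorted(match_iocs(digests, iocs)),
    }


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit(f"usage: {sys.argv[0]} <file>")
    result = triage(sys.argv[1])
    for name in ALGORITHMS:
        flag = "MATCH" if name in result["matches"] else "-"
        print(f"{name:6} {result['digests'][name]}  {flag}")
    print(f"size {result['size']} bytes; matched: {result['matches'] or 'none'}")
```

A SHA-256 or SHA-512 match is sufficient to identify the sample; an MD5 or SHA-1 match on its own is weaker evidence, since both are collision-prone, so treat a file that matches only those as "probably the same" and compare the strong hash before acting on the behaviour tags.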

MITRE ATT&CK Enterprise v15

Tasks