General

  • Target

    d5a5ec6d226fe4d981406dbc0bf00410_JaffaCakes118

  • Size

    284KB

  • Sample

    240909-e18yra1gmn

  • MD5

    d5a5ec6d226fe4d981406dbc0bf00410

  • SHA1

    2b7d631f531eaa852e6883a7e6524dbac03a3546

  • SHA256

    8e71708418eca969d80f3e2379e6c4f64b97142ab28593e55cb0280ad5eaf6f4

  • SHA512

    09b75a4cdcdcb24a3adc0dd9b648de1c84cbc24152541082761835fafaf920d9c08d0b3665d25854fad9cc12327bd9c2f4ce80f92636cb64cdedc48ec6644423

  • SSDEEP

    6144:BNq6Az17HPwmDDANk9eAMezaM8Tu4+4lAGX9gGSwD7uc6Z:BM6Az17HB19bOLvuZ

Malware Config

Targets

    • Target

      d5a5ec6d226fe4d981406dbc0bf00410_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks