General

  • Target

    d66ee2a601a9b386bccb38b5a885f74f_JaffaCakes118

  • Size

    288KB

  • Sample

    240909-q1pewstbqe

  • MD5

    d66ee2a601a9b386bccb38b5a885f74f

  • SHA1

    b8fafe57754d166f68f6d414ac42b44701ad16eb

  • SHA256

    fde897f9ece7e96f541c2c934d12c121f02b54a90bb8cbca09c1afdc53af57ef

  • SHA512

    e915fedae7b886bcdaf7998548430257aed42b4e738ea872bdf448f51b67a119f65cb0a23b7f3c04650ed49a21ffe6a619dd7e1a923d428daf459672c7e09469

  • SSDEEP

    3072:Xd0X0e1FB/DpKjCLHZA2emjL1bQ7EXPdK7l2bmMdB:Xxg1hmMd

Malware Config

Targets

    • Target

      d66ee2a601a9b386bccb38b5a885f74f_JaffaCakes118
    • UAC bypass

    • Windows security bypass

    • Windows security modification

    • Checks whether UAC is enabled

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
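The six behaviour signatures listed above are derived from the sample's API and registry trace rather than from static properties of the file. The block below is an added example, not tria.ge's signature code and not anything recovered from this sample: a small matcher that reproduces those six signature names from a constructed trace. The event dict layout, the API-name sets and the registry key patterns (Policies\System for the UAC checks, the Windows Defender policy and Exclusions keys for the security bypass/modification pair, Services\Disk\Enum and MountedDevices for drive mapping, a cross-process SetThreadContext for the last one) are assumptions about what such signatures key on, not details taken from this report.

```python
"""Toy signature matcher for the behaviours listed in this report.

Added example (not tria.ge code, not the sample). Event shape and key paths
are assumptions; the trace below is constructed, not taken from the report.
"""
import re

# Constructed trace in a sandbox-like shape: one dict per API call.
TRACE = [
    {"pid": 1204, "api": "RegQueryValueExW", "value": "EnableLUA",
     "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"},
    {"pid": 1204, "api": "RegSetValueExW", "value": "EnableLUA", "data": 0,
     "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"},
    {"pid": 1204, "api": "RegSetValueExW", "value": "DisableAntiSpyware", "data": 1,
     "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender"},
    {"pid": 1204, "api": "RegSetValueExW", "value": r"C:\Users\Public", "data": 0,
     "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths"},
    {"pid": 1204, "api": "RegEnumValueW",
     "key": r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Disk\Enum"},
    # CREATE_SUSPENDED child; not a signature by itself, shown for the sequence.
    {"pid": 1204, "api": "CreateProcessW", "flags": 0x4, "child_pid": 2816,
     "image": r"C:\Windows\System32\svchost.exe"},
    {"pid": 1204, "api": "SetThreadContext", "target_pid": 2816},  # into the child
    {"pid": 2816, "api": "SetThreadContext", "target_pid": 2816},  # own process: not flagged
]

READ_APIS = {"RegQueryValueExA", "RegQueryValueExW", "RegEnumValueA", "RegEnumValueW"}
WRITE_APIS = {"RegSetValueExA", "RegSetValueExW"}

# Assumed key patterns for each signature (case-insensitive, matched on the key tail).
POLICIES_SYSTEM = re.compile(r"\\Policies\\System$", re.I)
DEFENDER_EXCLUSIONS = re.compile(r"\\Windows Defender\\Exclusions\\", re.I)
DEFENDER = re.compile(r"\\Windows Defender(\\|$)", re.I)
DRIVE_KEYS = re.compile(r"\\(Services\\Disk\\Enum|MountedDevices)$", re.I)
UAC_VALUES = {"EnableLUA", "ConsentPromptBehaviorAdmin", "PromptOnSecureDesktop"}


def match_signatures(trace):
    """Return {signature name: [indices of triggering events]} for a trace."""
    hits = {}

    def hit(name, i):
        hits.setdefault(name, []).append(i)

    for i, ev in enumerate(trace):
        api = ev["api"]
        key = ev.get("key", "")
        value = ev.get("value", "")

        # Reading EnableLUA is the check; writing a UAC policy value to 0 is the bypass.
        if api in READ_APIS and POLICIES_SYSTEM.search(key) and value == "EnableLUA":
            hit("Checks whether UAC is enabled", i)
        if (api in WRITE_APIS and POLICIES_SYSTEM.search(key)
                and value in UAC_VALUES and ev.get("data") == 0):
            hit("UAC bypass", i)

        # Adding an exclusion is treated as a bypass; any other Defender policy
        # write as a modification (the elif keeps the two disjoint).
        if api in WRITE_APIS and DEFENDER_EXCLUSIONS.search(key):
            hit("Windows security bypass", i)
        elif api in WRITE_APIS and DEFENDER.search(key):
            hit("Windows security modification", i)

        # Disk/volume enumeration from the registry: a common VM/sandbox fingerprint.
        if api in READ_APIS and DRIVE_KEYS.search(key):
            hit("Maps connected drives based on registry", i)

        # Rewriting another process's thread context is the hollowing/injection shape;
        # a process touching its own threads (exception handling, debuggers) is not.
        if api == "SetThreadContext" and ev.get("target_pid") != ev["pid"]:
            hit("Suspicious use of SetThreadContext", i)

    return hits


def signature_names(trace):
    """Sorted signature names, the form a report lists them in."""
    return sorted(match_signatures(trace))


if __name__ == "__main__":
    for name, idx in match_signatures(TRACE).items():
        print(f"{name}: events {idx}")
```

Running the block prints one line per signature with the event indices that fired it. The matcher is deliberately stateless per event; a real sandbox signature for SetThreadContext would also tie the target to a child the same process created suspended and then wrote into, which is why the constructed trace includes the CreateProcessW call even though this toy does not consume it.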

MITRE ATT&CK Enterprise v15

Tasks