General

  • Target

    dc520f97398ead51ef973a1599b2749c_JaffaCakes118

  • Size

    335KB

  • Sample

    240912-p6xssaware

  • MD5

    dc520f97398ead51ef973a1599b2749c

  • SHA1

    1ff1ae904fc50f47bae27c3201349ad4eb499810

  • SHA256

    40d7d22f096d132f226a7bc08bbf68131a01ca7749def670c21b7b27db609935

  • SHA512

    b825e4b264c2f69d8efe5f2dd9947ad7678e649b632cf9aacb438a7e417efd22283199aafb6f2b77d400dfc5ba64c86961ea78a09d91e69a5a830bcb64216d54

  • SSDEEP

    6144:l7ItgahAb+QBXdxCY/Tv8Hqf+RoC7RoiCicubz:l7ItmrBXdxJF+vqiCi7z

Malware Config

Targets

    • Target

      dc520f97398ead51ef973a1599b2749c_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks