General

  • Target

    dcaf6598dca41cc9a2c027da0f01d301_JaffaCakes118

  • Size

    132KB

  • Sample

    240912-vreljsvfld

  • MD5

    dcaf6598dca41cc9a2c027da0f01d301

  • SHA1

    23e9352a41f991a478485c43f8ce603620fa2080

  • SHA256

    f2f63c603fccf0583b012ef2dcefad299d462731a27e08ac8e1fe27a4e47b9b8

  • SHA512

    515e5848f276ef6a7ed7bd52ae01e4f7d61587e0b54c411f6ae43ad52c13f00985a3df7683725a01b3972535522c5ea1d07a7a02ff10d27dd558c50e9cd16176

  • SSDEEP

    3072:lwRPXEcBrPf9HU9Oki6DX37fAV4oQZiEqVD:lSPXEcBrPFHU9Ok7rfMWgx

Targets

    • Target

      dcaf6598dca41cc9a2c027da0f01d301_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
