General

  • Target

    de9e3a975408cadfc3de6380d94d6031_JaffaCakes118

  • Size

    919KB

  • Sample

    240913-wk5ptszerp

  • MD5

    de9e3a975408cadfc3de6380d94d6031

  • SHA1

    d90c1fbb73ea7795434cc30719e5267065b37d97

  • SHA256

    5790ab960335e7288a7c52616e4c63d5317fd95a2d74d60546f21f47f56674b0

  • SHA512

    e9bbed010592b7fa2bd41404ac3e4385afd91488aadd29791b318db7fe995f824d26a1a8e9c275ff7da8bc1a88b70d824b1325055a4ff067c8059c2d2fda2030

  • SSDEEP

    24576:Q2ogqHQVCGH4ktf/XUP6CWi4+KAPPHAsE:qrHQtN/Xq6tiUAPPHA7

Malware Config

Targets

    • Target

      de9e3a975408cadfc3de6380d94d6031_JaffaCakes118

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
