General

  • Target

    dfed85d52ebc5ea8be4edbb0fd2b1bc5_JaffaCakes118

  • Size

    369KB

  • Sample

    240914-lmax5axhrc

  • MD5

    dfed85d52ebc5ea8be4edbb0fd2b1bc5

  • SHA1

    eb390709d52cab2aef63329cbb4beffbcb9eca71

  • SHA256

    f5243af6980d6b65342ef0bed961450c07cc81567a12142b8406f17300c80a85

  • SHA512

    3a92d7d873fcb63d823ac3fa944644f3f2315c7346ca26b6f22877ff074077e2210b55cbcc4ee25f49968d1e2d104d9ce0ffda7a2afb1c8f6e54fa6853a73d8c

  • SSDEEP

    6144:GGInVHmhv2gCSkpapiqnl+CH1Ey+FofBbDCAORPXfuhtK8Xhe/46HNGmYN6nfy15:G7ncOgCSkpUiql+CmyuohGA4atK8x0Ar

Targets

    • Target

      dfed85d52ebc5ea8be4edbb0fd2b1bc5_JaffaCakes118

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
