General

  • Target

    e0744038880667761186b8e91bb9d1a8_JaffaCakes118

  • Size

    519KB

  • Sample

    240914-smrzza1clg

  • MD5

    e0744038880667761186b8e91bb9d1a8

  • SHA1

    d0aa99d32bb0f907a8c16b390a2a94437ad1241d

  • SHA256

    65a6403827fc50edf22feeb81f15b0781fe2764d6ce6dc1f1f59e193d80c5db5

  • SHA512

    d4a9e1e11d695f7ee4cd4d839192bb1845915bdc53cbac62f2e6c84bd0b37cda575fe33cbaa5488ec5f706b4ab79a73843504d006bcf55aa233826ec08464c96

  • SSDEEP

    12288:zjAbupHjKTkzBOID1zpdEWdit1YqYqi+/lDE2On8dr:zjAboKTQl/otKEi+9JOn8dr

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
