Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e0a3c8debcd25c49bea2103893f6957c_JaffaCakes118
-
Size
296KB
-
Sample
240914-vnnp2svenl
-
MD5
e0a3c8debcd25c49bea2103893f6957c
-
SHA1
62296397690c9d4aaacdeb48803dd4876a339cde
-
SHA256
4ca5dc7964fb3c43f900b3e356d78eaa488b26dda1662cdabbbb0812a6900805
-
SHA512
35728fceb5ed27d89d95824081ba65c4e2eb51d02fad261e74037de652907a5d0b2f06fb20090ce5dfd6fd8d0682427da0322428da384d4b008a674093aa28f1
-
SSDEEP
3072:/KYm6FhMIJqOifVqf3RY8xfu3YOUtCPgCr0bM2C2VxZx89bRsVM8fnkTgFG3zsUp:/K1qimRvG0s0bM2CEDV+8fnkSUuta
Malware Config
Targets
-
-
Target
e0a3c8debcd25c49bea2103893f6957c_JaffaCakes118
-
Size
296KB
-
MD5
e0a3c8debcd25c49bea2103893f6957c
-
SHA1
62296397690c9d4aaacdeb48803dd4876a339cde
-
SHA256
4ca5dc7964fb3c43f900b3e356d78eaa488b26dda1662cdabbbb0812a6900805
-
SHA512
35728fceb5ed27d89d95824081ba65c4e2eb51d02fad261e74037de652907a5d0b2f06fb20090ce5dfd6fd8d0682427da0322428da384d4b008a674093aa28f1
-
SSDEEP
3072:/KYm6FhMIJqOifVqf3RY8xfu3YOUtCPgCr0bM2C2VxZx89bRsVM8fnkTgFG3zsUp:/K1qimRvG0s0bM2CEDV+8fnkSUuta
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2