General

  • Target

    e2f2d2f9280964279c9fd7d489254308_JaffaCakes118

  • Size

    108KB

  • Sample

    240915-vcf6tstbjg

  • MD5

    e2f2d2f9280964279c9fd7d489254308

  • SHA1

    3d758c8ae7e4dfcb357bff4968ee204ca76d6ea0

  • SHA256

    17b88d8bf6a82375851bf279cd2a2cf2d1200726638bbc382787a016e7323cc9

  • SHA512

    7f06249cd6ee6400211f70349847b4d955fd74cf399d6b77ee7b874965c4701c788ffa7769c71f8ab9266524f3562efa0f7c27c76588dbc8eb0390ceb4d7f275

  • SSDEEP

    3072:41+MJKrUnFYY5z1i0Nmbi5fJBNUweout:gIrPj0NmWtN+oS

Malware Config

Targets

    • ModiLoader, DBatLoader

      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    • UAC bypass

    • ModiLoader Second Stage

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of UPX.

    • Checks whether UAC is enabled