General

  • Target

    ebae0f7205be00ee7d576833574a4553_JaffaCakes118

  • Size

    259KB

  • Sample

    240919-tdlx2axdrq

  • MD5

    ebae0f7205be00ee7d576833574a4553

  • SHA1

    09104faf56af1ce877c0a2ef2ef1445bdd3538de

  • SHA256

    d45ecd813753f71f8cc83550644bbcf13539c672b731a74be8aeb1e7c9452e56

  • SHA512

    a5eeda74e1d83a80bd730edb215c95a5f5d68391295dc75477106d93e832101be5555537a7f0554b3f8bad74df99a42cce57271976fa7f7a886e69f3978dcc43

  • SSDEEP

    6144:EfmHJPPBGCidJZvqJ3M0Gr1f4Nc9vRhGIL:XPPBvir4Gr1f4e

Score
10/10

Targets

    • Target

      ebae0f7205be00ee7d576833574a4553_JaffaCakes118

    Score
    10/10

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
