General

  • Target

    ebf0477ea66e2b448e03c7d894b55764_JaffaCakes118

  • Size

    20KB

  • Sample

    240919-w29ecataqd

  • MD5

    ebf0477ea66e2b448e03c7d894b55764

  • SHA1

    68943914562bc01f5d7c2002898de95720cc9b60

  • SHA256

    4aa5f5138f47225accc17e22463ccaa0e6f6f6f4a3a6bd9abb131b39803c6e34

  • SHA512

    05d74d0a3199f862fd5f18ebb453f4515b9e8186f0eaf57fdcc0a88ecf3585365bcb07f6246bd2940b8d0d014633011535d11633b3b1d482aa72ddfd44b7df5b

  • SSDEEP

    384:icBKBJGvdw7/bGtOl5YC5HhRI83YdwbomCH7Xrgo7IX3:fBKBJGVw7jGt+55RdnBCHTk

Targets

    • Target

      ebf0477ea66e2b448e03c7d894b55764_JaffaCakes118

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
