General

  • Target

    eed8fb9368662b4756e4702920613f25_JaffaCakes118

  • Size

    128KB

  • Sample

    240921-b9z6eszcrp

  • MD5

    eed8fb9368662b4756e4702920613f25

  • SHA1

    50c6727735f21fecd4b1555a0dcdb1667fb881d7

  • SHA256

    6d43df4d3cf508671b3f4a198a344eac57061242c3e26b06f4e0badd87cb0020

  • SHA512

    1b9c697d9f85b45e00a3645091b688e54a853fbf912a9c9d6b09203c823b79f040d61db6c04322503746b8ab28d8290b6a355440f01fefad1c2766aa31d03623

  • SSDEEP

    3072:yrBcplToPac4lUKjxcnz/Lj3UtDzkknldlTlIvLK:ylcplToSUacnz/Lj3U9wOlGD

Targets

    • Target

      eed8fb9368662b4756e4702920613f25_JaffaCakes118

    • Size

      128KB

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
