Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
eed0a063eae80ad6e67a65b035785f11_JaffaCakes118
-
Size
124KB
-
Sample
240921-bwpgrsyfrk
-
MD5
eed0a063eae80ad6e67a65b035785f11
-
SHA1
23da75b059761e3fcf81ff35664ac06649b90445
-
SHA256
3d74b8dcfdf6df0fd1abd0093aaa48646b7bd055377713af8f8301aaa97f5c19
-
SHA512
5d7a69bd002e46fc80f4e9cbd99bf66a2aba0beecef0c70996adc4c1708b4dca96b2d6a8abc89d8cd213421f7d04657204c2050cc39e3ca4ffb31a80d664dc62
-
SSDEEP
3072:gCYK3vXvOG2RdYjH08qdLxilMiyfwAfGWMwV:hYK3vXWG4mzQLxilMiyfwAfGW
Malware Config
Targets
-
-
Target
eed0a063eae80ad6e67a65b035785f11_JaffaCakes118
-
Size
124KB
-
MD5
eed0a063eae80ad6e67a65b035785f11
-
SHA1
23da75b059761e3fcf81ff35664ac06649b90445
-
SHA256
3d74b8dcfdf6df0fd1abd0093aaa48646b7bd055377713af8f8301aaa97f5c19
-
SHA512
5d7a69bd002e46fc80f4e9cbd99bf66a2aba0beecef0c70996adc4c1708b4dca96b2d6a8abc89d8cd213421f7d04657204c2050cc39e3ca4ffb31a80d664dc62
-
SSDEEP
3072:gCYK3vXvOG2RdYjH08qdLxilMiyfwAfGWMwV:hYK3vXWG4mzQLxilMiyfwAfGW
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2