General

  • Target

    eed1696267b7fca9e680df64181d1a0d_JaffaCakes118

  • Size

    112KB

  • Sample

    240921-bx17ysyfne

  • MD5

    eed1696267b7fca9e680df64181d1a0d

  • SHA1

    eecd6371a34b1c25f8d00876f9eeb2cc1bc42da2

  • SHA256

    a03f572e0287c7562a5aef44eee7e96cb179f4eebf2b556f246434907011fa70

  • SHA512

    b87292593486c0e74f86618535f2b8b4894318817802fdba45d97142082e7a873f4e81e02d14fb09a9b365f72145b652801925d35b58f7f48fece660cd06922b

  • SSDEEP

    3072:aUBYD7OHq52FCi1ClKUr5lanfq4JmJApTJd0:a+u7uXwOnXJmJWJd0

Malware Config

Targets

    • Target

      eed1696267b7fca9e680df64181d1a0d_JaffaCakes118

    • Server Software Component: Terminal Services DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks