General
Target: eed958beebebba6b7fadd5f888240ce6_JaffaCakes118
Size: 228KB
Sample: 240921-caqndazcmd
MD5: eed958beebebba6b7fadd5f888240ce6
SHA1: bb0cfcd48cc37e953cd56a8b42e773e427d5a55a
SHA256: ad8968d3ba9baee9f4b6e5e22832a3d7e748eab25c3a5109c4cee17d45dfb301
SHA512: 07a15fdd338aadba68e5941837bd65dc0cba1bc352f63726be37b5389c2921d574cd4c45aefe85ba2f2de968af4842740a931d70909d0a012d6e16bb8ccba2ae
SSDEEP: 6144:OKQpg3dwqsNy5ibpNjl4EqxF6snji81RUinKIC:7QcdQxl
Static task: static1
Behavioral task: behavioral1
  Sample: eed958beebebba6b7fadd5f888240ce6_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: eed958beebebba6b7fadd5f888240ce6_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)