General
Target: f5303a31ad8042c411a6ad09763126f9_JaffaCakes118
Size: 380KB
Sample: 240925-e437nsybqa
MD5: f5303a31ad8042c411a6ad09763126f9
SHA1: a190885212e327caafc82ca1079850f8e2ba79ce
SHA256: 13dd982dd0cdcfdbbb5bb9038988ae69aabfabf3ce09c7b0c304a5618567fd7d
SHA512: 31d6d47a44d7dd990cdbac6dfcb74a9ac54c16901ff92db2135daf6f3787493a9eceead2c948e1654a6276b93efa763f318b05df1168c7a58cf472e01ad28380
SSDEEP: 6144:ghfoQK1Zc/jWhvd0yTNxjT0M1zWyjYdtZ:SflKQeV0C30IzWr
Static task: static1
Behavioral task: behavioral1
Sample: f5303a31ad8042c411a6ad09763126f9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: f5303a31ad8042c411a6ad09763126f9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: f5303a31ad8042c411a6ad09763126f9_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
    Boot or Logon Autostart Execution (1)
        Registry Run Keys / Startup Folder (1)
Defense Evasion
    Hide Artifacts (1)
        Hidden Files and Directories (1)
    Modify Registry (2)