General
-
Target
fa3815e512d61b337eb78cbf7b943466_JaffaCakes118
-
Size
156KB
-
Sample
240927-ma925azfnh
-
MD5
fa3815e512d61b337eb78cbf7b943466
-
SHA1
effc7555918e24fd143120970040b1a2be28b535
-
SHA256
4fcc2432b7399cf50928da08ae906920d3561504ba3f1ee05c0b90e2432b5854
-
SHA512
883f1325ddcaa08d659fae3fec7431d320541e917e4826976a63f6a4a88762fce58ab993a299dca0197c25bae3797d81943e647df361072e3349828d62afeb67
-
SSDEEP
1536:JRrFfuLMRsNLCNMSG5+SUdqeHAQWXZaNwRRczNoU1LbLkOVD:/rdu4aZLBRWhlLz
Static task
static1
Behavioral task
behavioral1
Sample
fa3815e512d61b337eb78cbf7b943466_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
fa3815e512d61b337eb78cbf7b943466_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
fa3815e512d61b337eb78cbf7b943466_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2