Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fa4092046c87ccbe8b8dcf67dd006b6a_JaffaCakes118
-
Size
248KB
-
Sample
240927-mpjhqaybnm
-
MD5
fa4092046c87ccbe8b8dcf67dd006b6a
-
SHA1
25263a5f5acd63a0ddb8c3b54f6b8bdbcf1e6439
-
SHA256
a8cca8cf2fb062e97ae8fcbb73669e1cf4b89d2f070b262617eab5a69971afa3
-
SHA512
394cc91dbe6f684d82df5ea2dc3a86418cf8ac27820e6135c5da5598251f3d5bb2cd29ab610596c99291be826e6570ea65a7d9b5e4ff6297d4bfd7e4477dd195
-
SSDEEP
6144:m2M5CElofkFWQPtnRneqAKnvmb7/D269fgwMty0e6ndv0DyVr:mt5CLkFfnRnWKnvmb7/D26qndv0D+
Malware Config
Targets
-
-
Target
fa4092046c87ccbe8b8dcf67dd006b6a_JaffaCakes118
-
Size
248KB
-
MD5
fa4092046c87ccbe8b8dcf67dd006b6a
-
SHA1
25263a5f5acd63a0ddb8c3b54f6b8bdbcf1e6439
-
SHA256
a8cca8cf2fb062e97ae8fcbb73669e1cf4b89d2f070b262617eab5a69971afa3
-
SHA512
394cc91dbe6f684d82df5ea2dc3a86418cf8ac27820e6135c5da5598251f3d5bb2cd29ab610596c99291be826e6570ea65a7d9b5e4ff6297d4bfd7e4477dd195
-
SSDEEP
6144:m2M5CElofkFWQPtnRneqAKnvmb7/D269fgwMty0e6ndv0DyVr:mt5CLkFfnRnWKnvmb7/D26qndv0D+
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2