General

  • Target

    fa6ceab0262055609beab19609de8482_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240927-pxekvashlj

  • MD5

    fa6ceab0262055609beab19609de8482

  • SHA1

    d19410d2489d313864dce3c327865c8193ee5ecf

  • SHA256

    6017c9c427da769de7dedf91d1250c2a32a34b71a4e1fe3389362c1b9f782722

  • SHA512

    c1e08fbfefd28d3b8d3a5faaca79c0f7b0ec7df5f74e71ecf25f83c24baa159e7dcbd40f32f8d8786f9db97ebc783dbbfffebf8bb1e12999ac430bec20ee2803

  • SSDEEP

    12288:FSjzwRzH1RighUFZzHtC9FDY8c8H+Lm/yjxeiSOHTApwn2fTrNsef1JOXHXTSeD9:geVRrhMxY9FDY8cLa/OerzTrNtSjS

Targets

    • Target

      fa6ceab0262055609beab19609de8482_JaffaCakes118

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
