
General

  • Target

    fd3671d4c95e16cb11b38e2a8766462d_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240928-1qpb9a1ala

  • MD5

    fd3671d4c95e16cb11b38e2a8766462d

  • SHA1

    29dc82d6597c8425eee00f2e8185b61a7395f948

  • SHA256

    961b4c2ff40975c3ef62029c058e9261700f1d7e324bc752a7dda5ef57c2fad0

  • SHA512

    ca3b636433e4591dfc5ebf01db9431367a7282ee8d2286109e969c536cf1b807f01182adbd79fe7139a4056a0aea69de8704bdbdccd14e9ca6e0acf116ea93cf

  • SSDEEP

    24576:UuhaGeZJ8NI87eZJ8NI8DerQZb+md4wmqeZJ8NI87eZJ8NI8DerQZb+md4wmm:b28U8DerQZbd2v8U8DerQZbd2C

Targets

    • Target

      fd3671d4c95e16cb11b38e2a8766462d_JaffaCakes118


    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds an application name to the list of disallowed applications, so Windows refuses to launch it.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Network Share Discovery

      Attempts to enumerate network shares reachable from the host.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
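
The signature list above names registry and filesystem artifacts that can be checked directly on a suspect host: IFEO Debugger values, the Explorer DisallowRun policy, the HideFileExt setting, disabled services, autorun.inf in volume roots, and fresh binaries in System32. The PowerShell script below is an added example written for this page; it is not tria.ge's signature logic and it is not code from the sample. It assumes an elevated PowerShell 3+ session on a live Windows host, and the watch-list of service names in Get-DisabledSecurityServices is an assumption to be tuned per environment.

```powershell
# Added example: live-host triage for the artifact classes this report lists.
# Not tria.ge's signature code. Assumes an elevated PowerShell 3+ session.

function Get-IfeoDebuggers {
    # Image File Execution Options: a subkey named after an executable with a
    # 'Debugger' value redirects every launch of that image (ATT&CK T1546.012).
    $ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
    Get-ChildItem -Path $ifeo -ErrorAction SilentlyContinue | ForEach-Object {
        $dbg = (Get-ItemProperty -Path $_.PSPath -Name Debugger -ErrorAction SilentlyContinue).Debugger
        if ($dbg) { [pscustomobject]@{ Image = $_.PSChildName; Debugger = $dbg } }
    }
}

function Get-DisallowRunEntries {
    # Explorer's DisallowRun policy blocks named executables from launching.
    # Entries are numbered string values ("1" = "taskmgr.exe"); check both hives.
    foreach ($hive in 'HKCU:', 'HKLM:') {
        $key = "$hive\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun"
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if (-not $props) { continue }
        $props.PSObject.Properties |
            Where-Object { $_.Name -match '^\d+$' } |
            ForEach-Object { [pscustomobject]@{ Hive = $hive; Blocked = $_.Value } }
    }
}

function Get-HiddenExtensionSetting {
    # HideFileExt = 1 makes "invoice.pdf.exe" display as "invoice.pdf" in Explorer.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
    $v = (Get-ItemProperty -Path $key -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt
    [pscustomobject]@{ HideFileExt = $v; ExtensionsHidden = ($v -eq 1) }
}

function Get-DisabledSecurityServices {
    # Assumed watch-list (not taken from the report); tune it to your environment.
    $watch = 'WinDefend', 'wuauserv', 'MpsSvc', 'wscsvc', 'BITS', 'SecurityHealthService'
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $watch -contains $_.Name -and $_.StartMode -eq 'Disabled' } |
        Select-Object Name, StartMode, State
}

function Get-AutorunInf {
    # autorun.inf in any volume root, plus the directives that make it launch something.
    Get-PSDrive -PSProvider FileSystem | ForEach-Object {
        $p = Join-Path -Path $_.Root -ChildPath 'autorun.inf'
        if (Test-Path -LiteralPath $p -ErrorAction SilentlyContinue) {
            $lines = Select-String -LiteralPath $p -Pattern '^\s*(open|shellexecute|shell\\.*\\command)\s*=' |
                ForEach-Object { $_.Line.Trim() }
            [pscustomobject]@{ Path = $p; Directives = ($lines -join '; ') }
        }
    }
}

function Get-RecentSystem32Binaries {
    param([int]$Hours = 24)
    # Executable files written into System32 within the window; dropped EXEs/DLLs land here.
    $cutoff = (Get-Date).AddHours(-$Hours)
    Get-ChildItem -Path "$env:SystemRoot\System32" -File -ErrorAction SilentlyContinue |
        Where-Object { $_.LastWriteTime -gt $cutoff -and ('.exe', '.dll', '.sys') -contains $_.Extension } |
        Select-Object FullName, LastWriteTime, Length
}

# Collect everything into one ordered report and print a table per artifact class.
$report = [ordered]@{
    'IFEO debuggers'             = @(Get-IfeoDebuggers)
    'DisallowRun entries'        = @(Get-DisallowRunEntries)
    'Explorer HideFileExt'       = @(Get-HiddenExtensionSetting)
    'Disabled security services' = @(Get-DisabledSecurityServices)
    'autorun.inf'                = @(Get-AutorunInf)
    'Recent System32 binaries'   = @(Get-RecentSystem32Binaries -Hours 24)
}
foreach ($name in $report.Keys) {
    Write-Host "== $name ($($report[$name].Count)) =="
    if ($report[$name].Count) { $report[$name] | Format-Table -AutoSize | Out-String | Write-Host }
}
```

Each check returns objects rather than text, so the same functions can be piped to Export-Csv for a collection run across many hosts. A non-empty IFEO or DisallowRun result is a strong signal on its own; the System32 and service checks produce noise after patching and need a baseline before they are treated as findings.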

Signature mapping: MITRE ATT&CK Enterprise v15