Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fb3af1a46463dd9b6aaf8d25ba508324_JaffaCakes118

  • Size

    25KB

  • Sample

    240928-blpd1s1gkd

  • MD5

    fb3af1a46463dd9b6aaf8d25ba508324

  • SHA1

    022e457fa97f65f9eef072ca644200bbaee4086e

  • SHA256

    83a9ea0d6dfe2215b48bb78f8b21b4cf12093194beb9c87dcfb1d068b9d955c6

  • SHA512

    149981edbd57767e7ac4b850aa1ca853879ee0d5ee7bd29e0a1e307ed971b1e1ab67b1717a23a395fea75207644d686bc57fe868f2e0097251a163d2d7367378

  • SSDEEP

    384:f1Muz0oFyZMVodRKWoGD7PuVt7iEdFoSxCJFnUYrG65WTfDL:N90oKMmL7mWEdFCJFnloTv

Malware Config

Targets

    • Target

      fb3af1a46463dd9b6aaf8d25ba508324_JaffaCakes118

    • Size

      25KB

    • MD5

      fb3af1a46463dd9b6aaf8d25ba508324

    • SHA1

      022e457fa97f65f9eef072ca644200bbaee4086e

    • SHA256

      83a9ea0d6dfe2215b48bb78f8b21b4cf12093194beb9c87dcfb1d068b9d955c6

    • SHA512

      149981edbd57767e7ac4b850aa1ca853879ee0d5ee7bd29e0a1e307ed971b1e1ab67b1717a23a395fea75207644d686bc57fe868f2e0097251a163d2d7367378

    • SSDEEP

      384:f1Muz0oFyZMVodRKWoGD7PuVt7iEdFoSxCJFnUYrG65WTfDL:N90oKMmL7mWEdFCJFnloTv

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks