General

  • Target

    fbf2a66d988323cdc81a749b7cdacd32_JaffaCakes118

  • Size

    152KB

  • Sample

    240928-kya7laxdmk

  • MD5

    fbf2a66d988323cdc81a749b7cdacd32

  • SHA1

    07cc00f652b16e411c20f1e75d24c1ad9813706f

  • SHA256

    04d623af6a1faf42039f12089931a426e240c717617470e98fd3cc143cde0753

  • SHA512

    5b8fc4754783647810e49f1f23fec19c0927b5e323afa4400107ef524ff4e137d139f975776ff7ece9c89ae292eb3e70fe4144fa3cd1bd9597063cc0c260b798

  • SSDEEP

    3072:jMG4PYYh0Z1AOg+7DxNUbaxIcz93bOButK+ZAok:pg+7DxVh3bHp1k

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
