Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fbf2a66d988323cdc81a749b7cdacd32_JaffaCakes118
-
Size
152KB
-
Sample
240928-kya7laxdmk
-
MD5
fbf2a66d988323cdc81a749b7cdacd32
-
SHA1
07cc00f652b16e411c20f1e75d24c1ad9813706f
-
SHA256
04d623af6a1faf42039f12089931a426e240c717617470e98fd3cc143cde0753
-
SHA512
5b8fc4754783647810e49f1f23fec19c0927b5e323afa4400107ef524ff4e137d139f975776ff7ece9c89ae292eb3e70fe4144fa3cd1bd9597063cc0c260b798
-
SSDEEP
3072:jMG4PYYh0Z1AOg+7DxNUbaxIcz93bOButK+ZAok:pg+7DxVh3bHp1k
Malware Config
Targets
-
-
Target
fbf2a66d988323cdc81a749b7cdacd32_JaffaCakes118
-
Size
152KB
-
MD5
fbf2a66d988323cdc81a749b7cdacd32
-
SHA1
07cc00f652b16e411c20f1e75d24c1ad9813706f
-
SHA256
04d623af6a1faf42039f12089931a426e240c717617470e98fd3cc143cde0753
-
SHA512
5b8fc4754783647810e49f1f23fec19c0927b5e323afa4400107ef524ff4e137d139f975776ff7ece9c89ae292eb3e70fe4144fa3cd1bd9597063cc0c260b798
-
SSDEEP
3072:jMG4PYYh0Z1AOg+7DxNUbaxIcz93bOButK+ZAok:pg+7DxVh3bHp1k
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2