General

  • Target

    ff5e0becb9993309825301d8b993c632_JaffaCakes118

  • Size

    393KB

  • Sample

    240929-1gashawaqf

  • MD5

    ff5e0becb9993309825301d8b993c632

  • SHA1

    c86274e7405e67c29c76da0f78607c9850f1f790

  • SHA256

    b251f67abff686647577a1a764911bd8a7d60216693c8d9e513fc8dc241e12e0

  • SHA512

    fe771660fcc5d2aec5b43e86871391aff9f8c8293da634ff042166cbe4987d69f82a51306b919571aed43a8357229d08eaf790091923f912723467283ae7f552

  • SSDEEP

    6144:NMwPfMXE8RBlYmP4I99mGJKko33SURApteIR0BhOyC4K6/U8a0fFvG:Nv8RBmmgbGMF33SU+tDRqhG6/U8aKFu

Targets

    • Target

      ff5e0becb9993309825301d8b993c632_JaffaCakes118

    • Windows security bypass

    • Disables taskbar notifications via registry modification

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
