General

  • Target

    fe196add855b16dc1b8e80729610a4e0_JaffaCakes118

  • Size

    3.6MB

  • Sample

    240929-jww6lsybka

  • MD5

    fe196add855b16dc1b8e80729610a4e0

  • SHA1

    f44efb48cda5958e5603b36d1a59709a847fc0e7

  • SHA256

    1545645f6c5ecc9f14ee924de8ad3dea051e24a8fca9b34beedf958cae0c1b90

  • SHA512

    78285eb98cefe794720d198509e4ccacfead6546dd0d70594bc137a41c99b6db2d8f5db1a5b674283396165b5fda7a970d34dff376dead59ba67c5e583e2075a

  • SSDEEP

    98304:qGk6+Wzyy2Js1c8YlQvtGSpQVYQahXSj68h761:DtZz9msbEbvVY06CQ

Targets

    • Target

      fe196add855b16dc1b8e80729610a4e0_JaffaCakes118

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Enumerates processes with tasklist
