General

  • Target

    ff04ba3860366f3963fe0cf0067f7082_JaffaCakes118

  • Size

    133KB

  • Sample

    240929-v19s2sxajf

  • MD5

    ff04ba3860366f3963fe0cf0067f7082

  • SHA1

    99e1d45140c906890469265731c6a6aeb98a1a15

  • SHA256

    292774947bc0ebacb4f38b801f264cbbfffe3eb7a79320fafa245cd62424307e

  • SHA512

    0325bbdfdf5f6ae97322aaf99dcf7e76e0e5de0980a27edc765ed68eae6ac8ea93d967a30199e54eba00337935771b6f2a7303e1f052d4ed5868ef03c5b6fb7a

  • SSDEEP

    3072:DK3gKNPYSYSvzDRAKYc031mhIJGuw14Hzr8WpaW6CwI5Rj4F63i688DviG:DKwqYlSbFAKYT1mhIw9KU5CwI9

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
