General

  • Target

    0358e215e0a9994d5f59c2a7c60366af_JaffaCakes118

  • Size

    107KB

  • Sample

    240930-1hlw6aweqm

  • MD5

    0358e215e0a9994d5f59c2a7c60366af

  • SHA1

    c37da2537f6162aaca518e5223929db2eea2610e

  • SHA256

    6cd9b986f6e133bf30115d6e49871b97e09335538f86fdf37a328fa2f7e3fd5b

  • SHA512

    349bf1cb07fbd5023bba8a0c936b6ee07115b81d15eed41fe594a0d35ef3472bad01074c16107050e094921cc401acf53712c6c16894c4bf7a79a51dad363498

  • SSDEEP

    3072:eYQtt+Duvs/lxp2JbJ9JWB9NqML4kj+wC4v1:eYQC7PpAbJ9JWskj+9m

Malware Config

Targets

    • Target

      0358e215e0a9994d5f59c2a7c60366af_JaffaCakes118

    • Deletes itself

    • Loads dropped DLL

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks