
General

  • Target

    004f988ee75cdf3645c9aacca8491394_JaffaCakes118

  • Size

    244KB

  • Sample

    240930-jzv3qatgrk

  • MD5

    004f988ee75cdf3645c9aacca8491394

  • SHA1

    72a30959efda90cc16066d22956fa8e0d8c68663

  • SHA256

    96abd574a8373707ea1c43da227c8929a03a895bab137d3eefd84aba73049850

  • SHA512

    13a59b0419edae90b761c6b8ae3937b1dacaa81247e71bda98e0fb55c8b6e48eb51c4eb6a0c6d2a900ad4baceaae39ec40fd734fcd8f10d9cd621bdd4dc64793

  • SSDEEP

    6144:AAg79NB/xnVHw514ITyQWAbqab1byetkefrh:WfQDRcNs1tkefF

Targets

    • Target

      004f988ee75cdf3645c9aacca8491394_JaffaCakes118

    • Manipulates Digital Signatures

      Attackers can change the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
