General
-
Target
02e7d5728e48acededdc0de9f8337096_JaffaCakes118
-
Size
100KB
-
Sample
240930-x2dhca1ejj
-
MD5
02e7d5728e48acededdc0de9f8337096
-
SHA1
1936278544621e726ad6cdc23e6fe82adef8be06
-
SHA256
ca0b6175d51418468830cacf18daebb72fff502c6c24657a2201242d7af4b060
-
SHA512
46dd44b5115f0bc23b79d5d6177c5ea59408e971dd864ae995e67b3ea8e39dbb841ed566799fe65507e312c441c2cd011a759fbd5b5eec26f3a1fc37596ffdfd
-
SSDEEP
1536:/Bt0V82NTdwHXLGZcYADZPU1+73BD88b0nyLNIjnZrJ:4wqgZPUQJLCnlJ
Static task
static1
Behavioral task
behavioral1
Sample
02e7d5728e48acededdc0de9f8337096_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
02e7d5728e48acededdc0de9f8337096_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
02e7d5728e48acededdc0de9f8337096_JaffaCakes118
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2