General

  • Target

    033aaa8455fd4b310dc7dc1c1297856d_JaffaCakes118

  • Size

    17KB

  • Sample

    240930-zqdebayele

  • MD5

    033aaa8455fd4b310dc7dc1c1297856d

  • SHA1

    0513f1c212d657f722f3f4149c69bcfc3d703ae8

  • SHA256

    6523861c5ba4469e9cde8e6c1dcd3a32c949225ac20e9458becac2161f412ff6

  • SHA512

    f296d0d344c85c82b92c440addd6b4712c7d7c1247def6e60f2a59aa26f272bcf8fb4edc93edb8703e88e584048d2f241138a67bbc870dafe6eb44cf88c82c37

  • SSDEEP

    384:sFs0HzHfcmZO2Zp+Nye8pqrmub8TyztsDN:sC4HfoKK8o8TyJc

Targets

    • Target

      033aaa8455fd4b310dc7dc1c1297856d_JaffaCakes118

    • Event Triggered Execution: Image File Execution Options Injection

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
