General

  • Target

    04fc1edc170e97f32acf3a88851d19bb_JaffaCakes118

  • Size

    57KB

  • Sample

    241001-j4gqwsyhql

  • MD5

    04fc1edc170e97f32acf3a88851d19bb

  • SHA1

    a7accbf28caa2a5fbb9aeac37272e7e92be41d9e

  • SHA256

    d9c575c88b654513905e0924b68740aa8f8d35804a20ef2521463462f1e7ad27

  • SHA512

    80346417e61db7644d2eb47d36ba3943c916972a119248820afc38138ae146e2656048729748dd4aa86a1180019eac333281faa21a1a4eabca49450875e0cde2

  • SSDEEP

    768:0PC/QVu/fe7NjcUFnf6Oc5QubwY1zX2cyFx4sBEw5SGRL2gVLRrQUboiEsZQT:0K/QofGjViOcGFY1Hy3551qsWUEiEsM

Malware Config

Targets

    • Target

      04fc1edc170e97f32acf3a88851d19bb_JaffaCakes118

    • Disables service(s)

    • Modifies firewall policy service

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
