General

  • Target

    0a892a08a412adcc65702f61d285a442_JaffaCakes118

  • Size

    220KB

  • Sample

    241002-n4242svcll

  • MD5

    0a892a08a412adcc65702f61d285a442

  • SHA1

    5525cac8ed52c537e67b95442d4d4f008b520db9

  • SHA256

    a1ea81e2c6d6b5d29c178378321501415d77b4dc01e68877662ef2725f2ab948

  • SHA512

    c1f67e7121775624c0c10c5b3f09d3f1bf3f23122fbe2ec7078a66a483064ecd84aeed46180405ddd5afd8c5da7601f901c91806c0af29b82e40786bca5e217f

  • SSDEEP

    6144:xNSDyWIkFthprZ+orTh3HNdGu4uhUsBZUVteqm2:bSDyQFtjtZ5vBGbF

Score
10/10

Targets

    • Target

      0a892a08a412adcc65702f61d285a442_JaffaCakes118

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
