General

  • Target

    0b2cf9abc1b88e6db894191bdae4a95f_JaffaCakes118

  • Size

    259KB

  • Sample

    241002-r2lwtsvgjg

  • MD5

    0b2cf9abc1b88e6db894191bdae4a95f

  • SHA1

    22c2765d188b5e1780fdd732a361fbd732e8441e

  • SHA256

    34f30c88f787108b49a07c2f36ffae92d8c337dfdaeaf4266683c711832a06e1

  • SHA512

    b660f78cc3e1064094060c868cac14e01909d2f1e9cfedc032ebc62df49f562bbee0702c7ad00db987db7bd951cfe5fd2992e604ad17746f4e271a992ddd64f6

  • SSDEEP

    6144:uSaBurd4ixUO3crX87b09HVVw+YOEB/gSlK7KOwb2:V/mybcQXUm+YOe2wb2

Targets

    • Target

      0b2cf9abc1b88e6db894191bdae4a95f_JaffaCakes118

    • Modifies firewall policy service

    • Modifies security service

    • Sets service image path in registry

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
