General

  • Target

    0b1bbf48b174d2916c36b78645469394_JaffaCakes118

  • Size

    256KB

  • Sample

    241002-rq9ths1brk

  • MD5

    0b1bbf48b174d2916c36b78645469394

  • SHA1

    72fcad162d6dcfe7fa1824dad3bb586c82f51b86

  • SHA256

    443a502a0675f44cf7d87926d2d3fe22af7df19c1ba75f5dac0ff7de0420c946

  • SHA512

    e473defca7b8f653447118962684e5f2ec917213cd5dda6749a40b3cde700a31fc2ecc275bdffba59c3f1185fe74d35637b358814cab9a0e115d5c2c858b6449

  • SSDEEP

    3072:A0bfWRrIMNRlZ62Pal2LBJXmzOHm5WZ3K+MC4xxOQ39cOaRr5ZGPVB:AWepp3PJXCOGY3eNxxOQ39cC

Targets

    • Target

      0b1bbf48b174d2916c36b78645469394_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
