General

  • Target

    0ba9505fc13728dce315ef1265b29b93_JaffaCakes118

  • Size

    511KB

  • Sample

    241002-vev3rs1ala

  • MD5

    0ba9505fc13728dce315ef1265b29b93

  • SHA1

    b656afde584983f91edc0cb1a712b6c04cff428f

  • SHA256

    c77302f3f6a60cbf03057102487a43fd394fdbae6d5fa82a904439feade7b6e4

  • SHA512

    5e8b485096b1e209c8aac7922577aecce88677305d4547f72245602954b5956fc3a4beb09fbf55f19d5819956cee78caf7c99556586208e35c7f47625b5dbd7b

  • SSDEEP

    12288:jma3hihwWTGNtGnh8kG6xfQtWrBhVc19lfknS5REv78rX:jmkZWTqkG6fQWWtkn4RE47

Score
9/10

Targets

    • Target

      0ba9505fc13728dce315ef1265b29b93_JaffaCakes118

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
