General

  • Target

    109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118

  • Size

    119KB

  • Sample

    241003-1mkjwsyarl

  • MD5

    109da14f7ea14aca656fc404bd7e0d5c

  • SHA1

    05135c035e406fd59d21eee22f0781eddb34dac4

  • SHA256

    f31e9010f4c0ef6f58ab6a89931d03628d9fe1c896c7446b3db7a51fe085cfa1

  • SHA512

    f77aa7a8e62a694ea063cd0a6c1b30670397d80e2e98c81df4cd165537301db7670efe1cc2f17db75304a37c8ba616680e967fcde90e0d075307746ba908967a

  • SSDEEP

    3072:6zdYe6SkN2NsZQXw6QiLs3m1EplhRgKJFL:CySkNCsZvZm6plDL

Score
9/10

Targets

    • Target

      109da14f7ea14aca656fc404bd7e0d5c_JaffaCakes118

    Score
    9/10
    • Detected Nirsoft tools

      Free utilities, often used by attackers, that can steal passwords, product keys, etc.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
