General
Target: 0d017d6a6f63df1e53bb481ed1b3fc9d_JaffaCakes118
Size: 168KB
Sample: 241003-aa3xlaxepc
MD5: 0d017d6a6f63df1e53bb481ed1b3fc9d
SHA1: c51d555abf5d40d731454ac2bac3fb3092dd709b
SHA256: ed2d90f43fabb7b8c56e2fe313c453431796a9071f0da465c19b9a758e9c59cc
SHA512: 5fe39b30d4870ca073f45040067d496d59a462aa737a65b9157b8f4f9a8cabf4ee74e6c7d36d03cad53817e52d82b2a87bf235eb8c8ce72eeafa1bc0e3695d15
SSDEEP: 1536:cjsulp5+eroCqSaWi1BmQT8gEA2ibO/aDyrOt80BRU1sHzsNfB5R1Rc06v:q+CzXlg
Static task: static1
Behavioral task: behavioral1
  Sample: 0d017d6a6f63df1e53bb481ed1b3fc9d_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 0d017d6a6f63df1e53bb481ed1b3fc9d_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 0d017d6a6f63df1e53bb481ed1b3fc9d_JaffaCakes118
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (1)
    Hidden Files and Directories (1)
  Modify Registry (2)