Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0ebec8be6baced04447b22d80a1dd6c9_JaffaCakes118
-
Size
260KB
-
Sample
241003-j6y3ystcrn
-
MD5
0ebec8be6baced04447b22d80a1dd6c9
-
SHA1
4384a46721f9fece5bd7bad407d4e2471787041d
-
SHA256
b66ba044beb550f600684299e907634f0eff0fa7b0f70c3f982b5af3d340fc52
-
SHA512
9b0e887d14abad601bdd22f22ea2b27b8a6daad7959d5e309f2577e1e9cb0a4885b034c2387faa2f782af5a99a8a15e3c2fe36c416ac349eb69f6f90d079c392
-
SSDEEP
3072:vgfAlNNvh25n/kZoSUjMqXnpWAkpAmTSrMaIOYt/jo7LAtPhjjtZnfHFEoWBfGVn:vdUgTSrMaIl/jcLijfHFEHWzXvjT85R
Malware Config
Targets
-
-
Target
0ebec8be6baced04447b22d80a1dd6c9_JaffaCakes118
-
Size
260KB
-
MD5
0ebec8be6baced04447b22d80a1dd6c9
-
SHA1
4384a46721f9fece5bd7bad407d4e2471787041d
-
SHA256
b66ba044beb550f600684299e907634f0eff0fa7b0f70c3f982b5af3d340fc52
-
SHA512
9b0e887d14abad601bdd22f22ea2b27b8a6daad7959d5e309f2577e1e9cb0a4885b034c2387faa2f782af5a99a8a15e3c2fe36c416ac349eb69f6f90d079c392
-
SSDEEP
3072:vgfAlNNvh25n/kZoSUjMqXnpWAkpAmTSrMaIOYt/jo7LAtPhjjtZnfHFEoWBfGVn:vdUgTSrMaIl/jcLijfHFEHWzXvjT85R
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2