General

  • Target

    0fa39020e0e3f7dede81755b314758ce_JaffaCakes118

  • Size

    220KB

  • Sample

    241003-t2pzlaydqh

  • MD5

    0fa39020e0e3f7dede81755b314758ce

  • SHA1

    812e2fde134def02cf24c33ccdf7988f0663636c

  • SHA256

    770be449a967832ba3390e6bf640538ce7aed1ef63f8d05ee460bd84932272ad

  • SHA512

    d4736e0fbcba5878f2e9102f3d971b4dd70bfafeb3dd103b42fa92ffec0a055a1975dff2f16d78f42a11efcf89c3806c24204ee09322d60899685bb4a2aa6514

  • SSDEEP

    3072:vejL4hbSxmqvsxv5gVzaSCzhIJFRxdJWtD5qK23L:U4hbSxm+wgzXnxtK2b

Targets

    • Target

      0fa39020e0e3f7dede81755b314758ce_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
