Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    124e575151bce44756db05a58bc4ddb4_JaffaCakes118

  • Size

    61KB

  • Sample

    241004-hr2d4avalb

  • MD5

    124e575151bce44756db05a58bc4ddb4

  • SHA1

    365fef81126275beeb9ed756fe6b2fbe02cc929d

  • SHA256

    aea306b480e8ee38fcb612ad2b9dc35a86e22c4de37623bc290d7b68908af1e6

  • SHA512

    5dcb207e24e759007d3af94117df79600d4f1d20ca5aa116709e34c3060d6e56d4fc821707507e6e547771fa4e979b563c061c14d67397706fe30ebcf004ccf9

  • SSDEEP

    1536:DBboW+94yqtjD72ioFl4Qx/IUFN6STGvJSmU8roaFlrQAGEPzA:1bK9L2W/1SSTuvn3rMEPzA

Malware Config

Targets

    • Target

      124e575151bce44756db05a58bc4ddb4_JaffaCakes118

    • Size

      61KB

    • MD5

      124e575151bce44756db05a58bc4ddb4

    • SHA1

      365fef81126275beeb9ed756fe6b2fbe02cc929d

    • SHA256

      aea306b480e8ee38fcb612ad2b9dc35a86e22c4de37623bc290d7b68908af1e6

    • SHA512

      5dcb207e24e759007d3af94117df79600d4f1d20ca5aa116709e34c3060d6e56d4fc821707507e6e547771fa4e979b563c061c14d67397706fe30ebcf004ccf9

    • SSDEEP

      1536:DBboW+94yqtjD72ioFl4Qx/IUFN6STGvJSmU8roaFlrQAGEPzA:1bK9L2W/1SSTuvn3rMEPzA

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks