General

  • Target

    13e42b0bcd4ec6702d2ff4ce5f5b1ccd_JaffaCakes118

  • Size

    198KB

  • Sample

    241004-srdm5svhnd

  • MD5

    13e42b0bcd4ec6702d2ff4ce5f5b1ccd

  • SHA1

    cdbb772997cd8f79b889ad790b1a3e326ae69b1b

  • SHA256

    82029f82fde8b78c4b0313a58d89c32a078fc18f565cc4ebc4b0ab30d340b675

  • SHA512

    e773fcc81d6a547f9910c107a47e6edeedfa5666397a26e2ca0f9a25b471ab247e8545d44949ab87263d5a30fd2c707af0fd8fa33f3b041529a73f10a2ecd949

  • SSDEEP

    3072:fBivIGKtx6KXqK5hLkYX9aZCwFNEFQCqqXsUNq4WXeY6+vvDDRrs+eq:UIGK/EKLnuCwzFUNqhOYzt

Targets

    • Target

      13e42b0bcd4ec6702d2ff4ce5f5b1ccd_JaffaCakes118

    • Deletes itself

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
