General
Target: 16aca10ef267502af3aa2e7238711db2_JaffaCakes118
Size: 284KB
Sample: 241005-h1w6qsscrq
MD5: 16aca10ef267502af3aa2e7238711db2
SHA1: 94388e0642eb627e6528e74ae59f0c6168f14c65
SHA256: c3bb75347269745a0d37c95847e2f8ee28fc873c8430a55d84d93699f18f9f0e
SHA512: c8a0f258d310e4f2409c04d0aeaa957f0f918c24ee26b771a5b18b554094b1d2a30a924907da544352c6e5d618087c32853e867f6129204ee057a67a7614d7da
SSDEEP: 6144:RrNqi5OChL5Rjda3P/fis6Do/uP+tFb84ly7aQ:hNqi0CF5xI3PH96DoWPYb8D
Static task: static1
Behavioral task: behavioral1
Sample: 16aca10ef267502af3aa2e7238711db2_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 16aca10ef267502af3aa2e7238711db2_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2