General

  • Target

    269e0491e7c1a47010f538856e543042_JaffaCakes118

  • Size

    26KB

  • Sample

    241008-2qw8javdrr

  • MD5

    269e0491e7c1a47010f538856e543042

  • SHA1

    44a7d4af4ba59b4ea9bec696d122c35f829586eb

  • SHA256

    f1237a50fd17301f0bb52462bdae3c3bd4647e7b92a9843bb1beafe40a0bcb3d

  • SHA512

    5ce61129ddb198b5d3749dca22df81beb9b54b3c9f5a3dac911aeec9450d9b42e1c7301a8f175e4f43da30cae574f87710c65c29105e612335ef1f74d97c494a

  • SSDEEP

    384:1M3PnQoHDCpHf4I4Qwdc0G5KDJ9MFoe7vfO1Ld7:1m/QojCpHfx09MF3vgLd7

Score
8/10

Targets

    • Target

      269e0491e7c1a47010f538856e543042_JaffaCakes118

    Score
    8/10
    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
