General

  • Target

    26fedfe9ca4855a8bbdd4bbc61fe06e6_JaffaCakes118

  • Size

    32KB

  • Sample

    241008-3dggzsxgkl

  • MD5

    26fedfe9ca4855a8bbdd4bbc61fe06e6

  • SHA1

    c695bc1d78b5bbd27d61650643b9402667b12023

  • SHA256

    e823f12c245a82a9c421678f960d9590ef8ac2de786442c966fd829a5e1a2152

  • SHA512

    53fc529a0058bb87b666d7e91e96b1745f42137f9a9afee668ae2389cb73e97578d8b5090948d1e4c77efd796af6d48072d14ddadd0f1d45757ec9c9e3030954

  • SSDEEP

    768:OIMGlhBxtzSlG3XV2scACW3TftY3lf93LS36HMZT:OgTB+lmV22j3i/S6HMB

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
