General

  • Target

    2a9e9f6bcc018b4d34edcf5dd501046c_JaffaCakes118

  • Size

    337KB

  • Sample

    241009-esm2bayhrc

  • MD5

    2a9e9f6bcc018b4d34edcf5dd501046c

  • SHA1

    3b2e9cc7cc5319cfa0fd8a79d613fee7c3905754

  • SHA256

    efb845eb4d7a4cf685ae80f194a653cd8e1bafff9735c86155209b6cf458322d

  • SHA512

    f52687aa463266e8942c1e1411bc908ce451ed7c9b35dc028713778217eeb56ee7243f92a9223aa684d7edb1e20c8243a07e7ff9fd268c497c20a9d1e7612c76

  • SSDEEP

    6144:0S+QH6yN8wfRe3q+2ZYbO2PY/eQanlrUJfnzCP/L2Si+gtsXYHuy4cT7/47R:eE6y66e3N272PYXZJePaSYtbuD7

Targets

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
