Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3ccf52ad85d92aa1f8e96d52eafa973d_JaffaCakes118
-
Size
304KB
-
Sample
241013-anlv8stenq
-
MD5
3ccf52ad85d92aa1f8e96d52eafa973d
-
SHA1
31d602cefdab2e805e85362ea03e2c63ef6a9067
-
SHA256
d3d5d0ecdd18af2e83b3de9fbc3d332700981091c067f79134458949bca384fc
-
SHA512
9bb5a54e0f0866f424554a0ae8dbf6a3ccc7e9bdd7e46590e92fc1ae9a83bb268b570a5b47da547ba1fd3413ac4585f100833072fbe609edce0bc3421bf74f74
-
SSDEEP
6144:XdVaKl/9f8AbGcdeoDW+/OWtb9yOPmeAVbfP1r4riA7AroW+nYaFyzf/H551FjmZ:XDx/9UtO2TW00UM5AEPoViJAndeyC
Malware Config
Targets
-
-
Target
3ccf52ad85d92aa1f8e96d52eafa973d_JaffaCakes118
-
Size
304KB
-
MD5
3ccf52ad85d92aa1f8e96d52eafa973d
-
SHA1
31d602cefdab2e805e85362ea03e2c63ef6a9067
-
SHA256
d3d5d0ecdd18af2e83b3de9fbc3d332700981091c067f79134458949bca384fc
-
SHA512
9bb5a54e0f0866f424554a0ae8dbf6a3ccc7e9bdd7e46590e92fc1ae9a83bb268b570a5b47da547ba1fd3413ac4585f100833072fbe609edce0bc3421bf74f74
-
SSDEEP
6144:XdVaKl/9f8AbGcdeoDW+/OWtb9yOPmeAVbfP1r4riA7AroW+nYaFyzf/H551FjmZ:XDx/9UtO2TW00UM5AEPoViJAndeyC
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2