General

  • Target

    3ff7965a2969e79dbe794fcb40c4872a_JaffaCakes118

  • Size

    83KB

  • Sample

    241013-p5hbpsscjl

  • MD5

    3ff7965a2969e79dbe794fcb40c4872a

  • SHA1

    834ce35cbdb28944fea1cb11ede45410cdfb52ec

  • SHA256

    d8b13bc5e2e45119b95f015503d6b43c4aebd22845e398f19b5fff77d960555f

  • SHA512

    7e726dc846898c853b6f17b5f495da85d30237707980c9085d47c749417aeff3bbe383b7cce816d02444ad4d18d5b84bd6300250a693390595b733b75fd1281c

  • SSDEEP

    1536:UKleE1ogL6gxNmmciUb7DMZPv5sq8L36lMKnjgPrASGwyXDBfqCje3NqHN0VS7m:UKlvLHNGNvDMZ5sqFMNkLwy9qc0V6m

Targets

    • Target

      3ff7965a2969e79dbe794fcb40c4872a_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
