General

  • Target

    409d1a6ef6366d783a25eb3f1810178f_JaffaCakes118

  • Size

    20KB

  • Sample

    241013-stem8axhjj

  • MD5

    409d1a6ef6366d783a25eb3f1810178f

  • SHA1

    63c41f0f94fe69875ea318caf1dd54c83f852514

  • SHA256

    7bb2e5f8bcf6ee91fc65dcdd9617827fcf6ea9b31708b260f6c4fd3593c98f73

  • SHA512

    c3db7abe0a42ca10aeeb84c6aebe63f87c678282b27939af62e2402db5ce95bfa67886c1a875cec8ab4671f6cbac3510f2143b1edca6df15521d74289dea65e6

  • SSDEEP

    384:wvCCFpKHC+4k6mS6+/KgLS+Q/7EqWvXg:wvCjHCfxmSBJSr/Qq

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
