General

  • Target: 4133824fbb65092f4a2c5b2686de65b3_JaffaCakes118

  • Size: 177KB

  • Sample: 241013-v8zcaaygkg

  • MD5: 4133824fbb65092f4a2c5b2686de65b3

  • SHA1: 1474decb2b1ed0e20efd928565cab1f551c1afc8

  • SHA256: f0d3255fca85a7455e9774c4a9bda08d0b689c9a291957ed2ac275c2873b26c7

  • SHA512: 545eff738037a8cf316b002be55d25c7e5fa7391ca83fadecaca2b9cf4da7842125c3b1199a7bcb07acb9c97531139bf599a4756c25d631e682f54724f8cff11

  • SSDEEP: 3072:gzMcjBEcqgTUrsphY4nihbufRRB9rFoiGaWF/m6x04TxQB0vDEs:gtUiGKY4niGzeK6y4K4o

Malware Config

Targets

    • Modifies firewall policy service

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks