General

  • Target

    451d8073e69e4ca14cba626553f24755_JaffaCakes118

  • Size

    2.8MB

  • Sample

    241015-bn3peswemf

  • MD5

    451d8073e69e4ca14cba626553f24755

  • SHA1

    2bd06aa070546ed780fda61f77875b7eff07ca6c

  • SHA256

    655ec66ff682343e7688645d75ad2b5b1fb66057643a2ef851434db8e13ad5b1

  • SHA512

    f1c1033acfc96f501ef7343ea6d0f4ba8fa694c2ce8ee671c83fc32da37794811209bcdd185440ea00ee7546e275a46083d7e1eabd1b6197dba64a4a9d917189

  • SSDEEP

    24576:uMfmMfmMfmMfmMfmMfmMfmMfmMfmMfmMfmMfmMff:uffffffffffffa

Malware Config

Targets

    • Target

      451d8073e69e4ca14cba626553f24755_JaffaCakes118

    • UAC bypass

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks